Recently, I have published another vulnerability of D-Link router. That router model is DIR-600M with firmware version is 3.04. This model is the home router model and D-Link. I got the CVE-2019-7736.
An unauthenticated user can visit the page “wan.htm” (if exposed to the internet) and obtain the admin account password in clear text.
Proof of concept
I have got another CVE-2018-16605 number of D-Link router. The attack XSS vulnerability in firware. They don’t have sensitized input field. You can see Proof of concept of XSS.