D-Link DIR-3040 is a router from China Youxun (D-Link). It provides the function of connecting to the network. D-Link DIR-3040 has a command injection vulnerability, which stems from the SetTriggerLEDBlink function fails to properly filter the construct command special characters, commands, etc. An attacker can use this vulnerability to cause arbitrary command execution.