D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.
ae3c3447736253b12652f3498e39b80ef8b5c39fdb23d42cf38844008d3a0195