The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
https://www.hivepro.com/threat-advisory/goldoon-botnet-exploits-longstanding-d-link-vulnerability/
https://www.fortinet.com/blog/threat-research/new-goldoon-botnet-targeting-d-link-devices
https://www.exploit-db.com/exploits/37171/