D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function.
https://www.dlink.com/en/security-bulletin/
https://github.com/flamingo1616/iot_vuln/blob/main/D-Link/DIR-3040/6.md