Tyeyeah

**Name of the Vulnerable Software and Affected Versions** D-Link DIR-890L version 1.20b01 **Description** The issue allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter `descriptor` at the API endpoint "SetVirtualServerSettings.php". **Recommendations** For D-Link DIR-890L version 1.20b01, consider disabling the Wake-On-Lan option as a temporary workaround until a patch is available. Restrict access to the SetVirtualServerSettings.php endpoint to minimize the risk of exploitation. Avoid using the parameter `descriptor` in the affected API endpoint until the issue is resolved.