On July 15, 2020, a 3rd party security researcher submitted a report accusing the DSR-250N Hardware Revision A1 using firmware v3.12 or older of unauthenticated remote command execution DDoS vulnerabilities. This vulnerability was assigned CVE-2020-26567. The Vulnerability was confirmed and a patch was issued to close the issue.
For more information and firmware patch, please visit
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10192