The DIR-3040 security flaws discovered and reported by Cisco Talos security researcher Dave McDaniel include hardcoded passwords, command injection, and information disclosure bugs.