Weelapat Umarsa

**Name of the Vulnerable Software and Affected Versions** D-Link DWR-M972V version 1.05SSG **Description** The issue is related to the implementation of the SSH protocol in the D-Link DWR-M972V router's firmware, which allows a remote attacker to execute arbitrary code via SSH using a root account without restrictions. This is due to incorrect management of code generation. **Recommendations** For D-Link DWR-M972V version 1.05SSG, consider restricting access to the SSH service until a patch is available. As a temporary workaround, limit the use of the root account to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.