CVE-2025-22968

Name of the Vulnerable Software and Affected Versions D-Link DWR-M972V version 1.05SSG

Description The issue is related to the implementation of the SSH protocol in the D-Link DWR-M972V router's firmware, which allows a remote attacker to execute arbitrary code via SSH using a root account without restrictions. This is due to incorrect management of code generation.

Recommendations For D-Link DWR-M972V version 1.05SSG, consider restricting access to the SSH service until a patch is available. As a temporary workaround, limit the use of the root account to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.