ID
VAR-202501-1635
CVE
CVE-2025-22968
TITLE
D-Link Systems, Inc. of DWR-M972V Code injection vulnerability in firmware
Trust: 0.8
DESCRIPTION
An issue in D-Link DWR-M972V 1.05SSG allows a remote attacker to execute arbitrary code via SSH using root account without restrictions. D-Link Systems, Inc. of DWR-M972V A code injection vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. D-Link DWR-M972V is a router from D-Link, a Chinese company
Trust: 2.16
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | dlink | model: | dwr-m972v | scope: | eq | version: | 1.05ssg | Trust: 1.0 |
| vendor: | d link | model: | dwr-m972v | scope: | - | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dwr-m972v | scope: | eq | version: | dwr-m972v firmware 1.05ssg | Trust: 0.8 |
| vendor: | d link | model: | dwr-m972v | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | d link | model: | dwr-m972v 1.05ssg | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-94 | Trust: 1.0 |
| problemtype: | Code injection (CWE-94) [ others ] | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2025-22968 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2025-005529 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2025-02109 | Trust: 0.6 |
REFERENCES
| url: | https://github.com/crunzex/cve-dlink-lte | Trust: 2.4 |
| url: | https://github.com/crunzex/cve-2025-22968 | Trust: 1.8 |
| url: | https://www.dlink.com/en/security-bulletin/ | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2025-22968 | Trust: 0.8 |
SOURCES
| db: | CNVD | id: | CNVD-2025-02109 |
| db: | JVNDB | id: | JVNDB-2025-005529 |
| db: | NVD | id: | CVE-2025-22968 |
LAST UPDATE DATE
2025-05-27T23:32:16.385000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-02109 | date: | 2025-01-22T00:00:00 |
| db: | JVNDB | id: | JVNDB-2025-005529 | date: | 2025-05-22T08:31:00 |
| db: | NVD | id: | CVE-2025-22968 | date: | 2025-05-21T16:21:44.280 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-02109 | date: | 2025-01-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2025-005529 | date: | 2025-05-22T00:00:00 |
| db: | NVD | id: | CVE-2025-22968 | date: | 2025-01-15T16:15:42.657 |