Jdcloud Ax6600 Firmware vulnerabilities
4 known vulnerabilities affecting jdcloud/ax6600_firmware.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3
Vulnerabilities
Page 1 of 1
CVE-2025-66848P2CRITICALCVSS 9.8≤ 4.5.1.r45332025-12-30
CVE-2025-66848 [CRITICAL] CWE-94 CVE-2025-66848: JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5
JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.
nvd
CVE-2026-2561P2HIGHCVSS 8.8≤ 4.5.1.r45332026-02-16
CVE-2026-2561 [HIGH] CWE-266 CVE-2026-2561: A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the functi
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function web_get_ddns_uptime of the file /jdcapi of the component jdcweb_rpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was
nvd
CVE-2026-2563P3HIGHCVSS 8.8≤ 4.5.1.r45332026-02-16
CVE-2026-2563 [HIGH] CWE-266 CVE-2026-2563: A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the fu
A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function set_stcreenen_deabled_status/get_status of the file /f/service/controlDevice of the component jdcapp_rpc. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit is publicly available and m
nvd
CVE-2026-2562P3HIGHCVSS 8.8≤ 4.5.1.r45332026-02-16
CVE-2026-2562 [HIGH] CWE-266 CVE-2026-2562: A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the f
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function cast_streen of the file /jdcapi of the component jdcweb_rpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilize
nvd