16 matches found
CVE-2026-2561
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...
EUVD-2026-6082
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...
CVE-2026-2562
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...
CVE-2026-2562
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...
CVE-2026-2561
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...
CVE-2026-2561
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...
CVE-2026-2562 JingDong JD Cloud Box AX6600 jdcweb_rpc jdcapi cast_streen privileges management
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...
CVE-2026-2562
JingDong JD Cloud Box AX6600 firmware up to 4.5.1.r4533 is affected by CVE-2026-2562 in the jdcweb_rpc/jdcapi path (cast_streen). The vulnerability arises from a manipulated File argument in /jdcapi, enabling remote privilege escalation. The attack is described as remote and publicly disclosed. T...
CVE-2026-2562
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function caststreen of the file /jdcapi of the component jdcwebrpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote. Th...
CVE-2026-2561
JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 contains a vulnerability in the jdcweb_rpc component, specifically the web_get_ddns_uptime function in the /jdcapi path. The issue allows Remote Privilege Escalation after a manipulation of the function, with the attack possible to be carried out rem...
CVE-2026-2561 JingDong JD Cloud Box AX6600 jdcweb_rpc jdcapi web_get_ddns_uptime privileges management
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function webgetddnsuptime of the file /jdcapi of the component jdcwebrpc. Performing a manipulation results in Remote Privilege Escalation. The attack is possible to be carried out remotely. The exploit...
PT-2026-8353
A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function cast streen of the file /jdcapi of the component jdcweb rpc. Executing a manipulation of the argument File can lead to Remote Privilege Escalation. The attack may be performed from remote...
CVE-2025-15081
CVE-2025-15081 affects JD Cloud BE6500 v4.4.1.r4308. The vulnerability is in function sub_4780 of /jdcapi, where manipulation of the ddns_name argument enables command injection. The attack may be performed remotely and the exploit has been publicly disclosed. Red Hat/NTspecific advisories note n...
CVE-2025-15081 JD Cloud BE6500 jdcapi sub_4780 command injection
A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub4780 of the file /jdcapi. Such manipulation of the argument ddnsname leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used...
PT-2025-53404
Name of the Vulnerable Software and Affected Versions JD Cloud BE6500 version 4.4.1.r4308 Description A command injection issue exists in JD Cloud BE6500 version 4.4.1.r4308. The issue is located in the /jdcapi file and affects the sub 4780 function. Manipulation of the ddns name argument can lea...
JD Cloud BE6500 命令注入漏洞
The JD Cloud BE6500 is a WiFi router from the Chinese company Jingdong JD. A command injection vulnerability exists in the JD Cloud BE6500 version 4.4.1.r4308, which stems from misuse of the parameter ddnsname of the function sub4780 in the file /jdcapi, which could lead to a command injection...