CVE-2025-66848

CVE-2025-66848 affects JD Cloud NAS routers: AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier). The vulnerability is an unauthorized remote comman...

PT-2025-54202

Name of the Vulnerable Software and Affected Versions JD Cloud NAS routers AX1800 versions 4.3.1.r4308 and earlier JD Cloud NAS routers AX3000 versions 4.3.1.r4318 and earlier JD Cloud NAS routers AX6600 versions 4.5.1.r4533 and earlier JD Cloud NAS routers BE6500 versions 4.4.1.r4308 and earlier...

CLSA-2025-1753799801 Fix CVE(s): CVE-2025-32462

SECURITY UPDATE: unauthorized command execution on remote hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462...

Unauthorized Remote Command Execution Vulnerability in Multiple Vendor IP Cameras

Avidsen, RTJ, TENVIS and other manufacturers webcams. An unauthorized remote command execution vulnerability exists in multiple vendor IP Cameras. A remote attacker can execute arbitrary commands on the device without authorization...

Node-RED Unauthorized Remote Command Execution Vulnerability

Node-RED is a tool for building Internet of Things IOT applications that focuses on simplifying the "connectivity" of code blocks to perform tasks. Node-RED is vulnerable to unauthorized remote command execution. Since the Node-RED application does not enforce any type of authentication,...