← Zuruck zu CVEs
CVE-2025-66848
CRITICAL9.8
Beschreibung
JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht12/30/2025
Zuletzt geandert1/9/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
jdcloud:ax1800jdcloud:ax1800_firmwarejdcloud:ax3000jdcloud:ax3000_firmwarejdcloud:ax6600jdcloud:ax6600_firmwarejdcloud:be6500jdcloud:be6500_firmwarejdcloud:er1jdcloud:er1_firmwarejdcloud:er2jdcloud:er2_firmware
Schwachen (CWE)
CWE-94
Referenzen
http://jd.com(cve@mitre.org)
https://www.jdcloud.com/cn/(nvd@nist.gov)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.