← Retour aux CVEs
CVE-2025-66848
CRITICAL9.8
Description
JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie12/30/2025
Derniere modification1/9/2026
Sourcenvd
Observations honeypot0
Produits affectes
jdcloud:ax1800jdcloud:ax1800_firmwarejdcloud:ax3000jdcloud:ax3000_firmwarejdcloud:ax6600jdcloud:ax6600_firmwarejdcloud:be6500jdcloud:be6500_firmwarejdcloud:er1jdcloud:er1_firmwarejdcloud:er2jdcloud:er2_firmware
Faiblesses (CWE)
CWE-94
References
http://jd.com(cve@mitre.org)
https://www.jdcloud.com/cn/(nvd@nist.gov)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.