Skip to main content

Ax6600 Firmware

4 CVEs product

Monthly

CVE-2026-2563 LOW Monitor

Remote privilege escalation in JingDong JD Cloud Box AX6600 firmware through improper access controls in the jdcapp_rpc service allows authenticated attackers to escalate privileges over the network. Public exploit code exists for this vulnerability, and the vendor has not responded to disclosure attempts. The issue affects firmware versions up to 4.5.1.r4533 with no patch currently available.

Privilege Escalation Ax6600 Firmware
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2562 LOW Monitor

Ax6600 Firmware versions up to 4.5.1. contains a vulnerability that allows attackers to Remote Privilege Escalation (CVSS 6.3).

Privilege Escalation Ax6600 Firmware
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-2561 LOW Monitor

Remote privilege escalation in JingDong JD Cloud Box AX6600 firmware (up to version 4.5.1.r4533) allows authenticated remote attackers to escalate privileges through manipulation of the web_get_ddns_uptime function in the jdcweb_rpc component. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Privilege Escalation Ax6600 Firmware
NVD VulDB
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-66848 CRITICAL Act Now

Remote command execution in JD Cloud NAS-series routers (AX1800, AX3000, AX6600, BE6500, ER1 and ER2 firmware) allows unauthenticated network attackers to inject and run arbitrary OS commands on the device. The flaw is rated CVSS 9.8 with an unauthenticated network vector, and while no public exploit has been identified, its EPSS of 1.01% (59th percentile) reflects moderate near-term exploitation likelihood. Successful abuse yields full control of the router, making it a pivot point into the internal network.

Code Injection RCE Ax1800 Firmware Ax3000 Firmware Ax6600 Firmware +3
NVD
CVSS 3.1
9.8
EPSS
1.0%
EPSS 0% CVSS 2.1
LOW Monitor

Remote privilege escalation in JingDong JD Cloud Box AX6600 firmware through improper access controls in the jdcapp_rpc service allows authenticated attackers to escalate privileges over the network. Public exploit code exists for this vulnerability, and the vendor has not responded to disclosure attempts. The issue affects firmware versions up to 4.5.1.r4533 with no patch currently available.

Privilege Escalation Ax6600 Firmware
NVD VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Ax6600 Firmware versions up to 4.5.1. contains a vulnerability that allows attackers to Remote Privilege Escalation (CVSS 6.3).

Privilege Escalation Ax6600 Firmware
NVD VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Remote privilege escalation in JingDong JD Cloud Box AX6600 firmware (up to version 4.5.1.r4533) allows authenticated remote attackers to escalate privileges through manipulation of the web_get_ddns_uptime function in the jdcweb_rpc component. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor.

Privilege Escalation Ax6600 Firmware
NVD VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Remote command execution in JD Cloud NAS-series routers (AX1800, AX3000, AX6600, BE6500, ER1 and ER2 firmware) allows unauthenticated network attackers to inject and run arbitrary OS commands on the device. The flaw is rated CVSS 9.8 with an unauthenticated network vector, and while no public exploit has been identified, its EPSS of 1.01% (59th percentile) reflects moderate near-term exploitation likelihood. Successful abuse yields full control of the router, making it a pivot point into the internal network.

Code Injection RCE Ax1800 Firmware +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy