Jdcos
Monthly
Command injection in JD Cloud JDCOS 4.5.1.r4518 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the vid parameter in the set_iptv_info function of the /jdcap service interface. The vulnerability has a CVSS score of 6.3 (Medium) with low attack complexity and is actively weaponized with publicly available exploit code. The vendor has not responded to early disclosure notifications.
Command injection in JD Cloud JDCOS 4.5.1.r4518 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the vid parameter in the set_iptv_info function of the /jdcap service interface. The vulnerability has a CVSS score of 6.3 (Medium) with low attack complexity and is actively weaponized with publicly available exploit code. The vendor has not responded to early disclosure notifications.