ГлавнаяУязвимости → CVE-2025-66848
9.8критическая

CVE-2025-66848

Описание

JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.

Затрагиваемое ПО
Jdcloud Ax1800 firmwareJdcloud Ax1800Jdcloud Ax3000 firmwareJdcloud Ax3000Jdcloud Ax6600 firmwareJdcloud Ax6600Jdcloud Be6500 firmwareJdcloud Be6500Jdcloud Er1 firmwareJdcloud Er1Jdcloud Er2 firmwareJdcloud Er2
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.notion.so/JD-Cloud-Unauth-RCE-2d22b76e8e0c802c975bf186b208d0c2https://www.jdcloud.com/cn/