PT-2025-54202 · Jd Cloud · Jd Cloud Nas Routers Ax3000+5

Published

2025-12-30

·

Updated

2026-02-06

·

CVE-2025-66848

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions JD Cloud NAS routers AX1800 versions 4.3.1.r4308 and earlier JD Cloud NAS routers AX3000 versions 4.3.1.r4318 and earlier JD Cloud NAS routers AX6600 versions 4.5.1.r4533 and earlier JD Cloud NAS routers BE6500 versions 4.4.1.r4308 and earlier JD Cloud NAS routers ER1 versions 4.5.1.r4518 and earlier JD Cloud NAS routers ER2 versions 4.5.1.r4518 and earlier
Description JD Cloud NAS routers are affected by an unauthorized remote command execution issue. This allows for the execution of commands remotely without authorization.
Recommendations Update JD Cloud NAS routers AX1800 to a version later than 4.3.1.r4308. Update JD Cloud NAS routers AX3000 to a version later than 4.3.1.r4318. Update JD Cloud NAS routers AX6600 to a version later than 4.5.1.r4533. Update JD Cloud NAS routers BE6500 to a version later than 4.4.1.r4308. Update JD Cloud NAS routers ER1 to a version later than 4.5.1.r4518. Update JD Cloud NAS routers ER2 to a version later than 4.5.1.r4518.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2025-66848

Affected Products

Jd Cloud Nas Routers Ax1800
Jd Cloud Nas Routers Ax3000
Jd Cloud Nas Routers Ax6600
Jd Cloud Nas Routers Be6500
Jd Cloud Nas Routers Er1
Jd Cloud Nas Routers Er2