CVE-2026-11413
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk14th percentile - higher than 14% of all known CVEs
Summary
A vulnerability has been detected in JingDong JD Cloud Box AX6600 version 4.5.3.r4546, affecting the set_macfilter function in the /sbin/jdcweb_rpc file. Manipulation of this function leads to a stack-based buffer overflow.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious security threat to the system. The public disclosure of the exploit increases the risk of attacks.
Recommendation
It is recommended to immediately update the software to the latest version to eliminate this vulnerability. Additionally, monitor systems for unauthorized access attempts.
Original NVD description (English source)
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

