cvedb.io
CVE-2025-66848
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2025-12-30T17:15:43.357 · Last modified 2026-06-17T09:57:16.813

Summary

JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.

Affected products

jdcloud — ax1800_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when jdcloud ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.