CVE-2026-11413
HIGHJingDong JD Cloud Box AX6600 jdcweb_rpc set_macfilter stack-based overflow
Title source: cnaDescription
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References (5)
Core 5
Core References
Vdb Entry, Technical Description vdb-entry
technical-description
VDB-368970 | JingDong JD Cloud Box AX6600 jdcweb_rpc set_macfilter stack-based overflow
https://vuldb.com/vuln/368970
Signature, Permissions Required signature
permissions-required
VDB-368970 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/368970/cti
Third Party Advisory third-party-advisory
CVE-2026-11413 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-11413
Third Party Advisory third-party-advisory
Submit #820025 | JD Cloud AX6600 JDCOS-4.5.3.r4546 Stack-based Buffer Overflow
https://vuldb.com/submit/820025
Exploit exploit
http://cdn2.v50to.cc/JDcloud-AX6600_overflow.zip
Scores
CVSS v3
8.8
EPSS
0.0075
EPSS Percentile
50.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-119
CWE-121
Status
published
Products (1)
JingDong/JD Cloud Box AX6600
4.5.3.r4546
Published
Jun 06, 2026
Tracked Since
Jun 06, 2026