CNNVD-202512-4768 Information

CNNVD ID

CNNVD-202512-4768

Related CVE

CVE-2025-15081

• CNNVD Published: 2025-12-25

Description (Chinese)

JD Cloud BE6500是中国京东（JD）公司的一款WiFi路由器。 JD Cloud BE6500 4.4.1.r4308版本存在命令注入漏洞，该漏洞源于对文件/jdcapi中函数sub_4780的参数ddns_name的错误操作，可能导致命令注入攻击。

Description (English)

JD Cloud BE6500 is a WiFi router of JD China. The JD Cloud BE6500 4.4.1.r4308 version has a command-injecting loophole, which results from an error in the parameter ddns name for function sub 4780 in document/jdcapi, which may result in an order-injection attack.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

京东

Published

2025-12-25

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.338409 https://vuldb.com/?id.338409 https://gist.github.com/isstabber/4ed3554130681e50b3e987c3c4ee1f29 https://vuldb.com/?submit.707276 https://access.redhat.com/security/cve/cve-2025-15081