CVE-2026-2561 | JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 jdcweb_rpc /jdcapi web_get_ddns_uptime privilege escalation

Inserito da Angelo Barbosa | Feb 15, 2026 | CVE

A vulnerability has been found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 and classified as critical. This affects the function web_get_ddns_uptime of the file /jdcapi of the component jdcweb_rpc. Performing a manipulation results in privilege escalation.

This vulnerability is reported as CVE-2026-2561. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-2561 | JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 jdcweb_rpc /jdcapi web_get_ddns_uptime privilege escalation

Post correlati

CVE-2024-9320 | SourceCodester Online Timesheet App 1.0 Add Timesheet Form add-timesheet.php day/task cross site scripting

CVE-2025-11123 | Tenda AC18 15.03.05.19 /goform/saveAutoQos enable stack-based overflow

CVE-2025-4136 | Weitong Mall 1.0.0 Sale Endpoint ID improper authorization

CVE-2025-22797 | Oğulcan Özügenç Gallery and Lightbox Plugin up to 1.0.14 on WordPress cross site scripting