Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Jan 2, 2026

CVE-2025-66848

Description

JD Cloud NAS routers AX1800 (4.3.1.r4308 and earlier), AX3000 (4.3.1.r4318 and earlier), AX6600 (4.5.1.r4533 and earlier), BE6500 (4.4.1.r4308 and earlier), ER1 (4.5.1.r4518 and earlier), and ER2 (4.5.1.r4518 and earlier) contain an unauthorized remote command execution vulnerability.

Affected products

JD/Cloud NAS routers AX1800description
JD Cloud/AX3000llm-create
Range: <=4.3.1.r4318
JD Cloud/AX6600llm-create
Range: <=4.5.1.r4533
Tongyu/AX1800llm-fuzzy
Range: <=4.3.1.r4308

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jd.commitre
www.notion.so/JD-Cloud-Unauth-RCE-2d22b76e8e0c802c975bf186b208d0c2mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000