CVE-2026-2563 | JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 jdcapp_rpc /f/service/controlDevice set_stcreenen_deabled_status/get_status privilege escalation

A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. It has been classified as critical. Affected is the function set_stcreenen_deabled_status/get_status of the file /f/service/controlDevice of the component jdcapp_rpc. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2026-2563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More