CVE-2026-11413

JingDong · JD Cloud Box AX6600

A stack-based buffer overflow in the JingDong JD Cloud Box AX6600 allows remote attackers to achieve arbitrary code execution.

Executive summary

A critical buffer overflow vulnerability in the JD Cloud Box AX6600 allows remote, unauthenticated attackers to execute arbitrary code on the device.

Vulnerability

The flaw is a stack-based buffer overflow in the set_macfilter function of the /sbin/jdcweb_rpc binary. It can be exploited remotely, without physical access to the device.
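The advisory does not say which request field overflows in set_macfilter. The following is an added illustration, not code from the vendor or the firmware, of the defensive pattern for this bug class: an untrusted MAC filter list is validated for length and entry count before anything is written to fixed-size stack storage. The function names, the "aa:bb:cc:dd:ee:ff" text format and the comma-separated list are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define MAC_TEXT_LEN 17   /* "aa:bb:cc:dd:ee:ff", terminator not counted */

/* Hypothetical helper: value of one hex digit, or -1. */
static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse one untrusted MAC string of length len (need not be NUL-terminated).
 * Returns 0 and fills out[6], or -1 on any malformed input. */
int parse_mac(const char *in, size_t len, uint8_t out[6])
{
    uint8_t tmp[6];
    if (in == NULL || out == NULL || len != MAC_TEXT_LEN)
        return -1;                      /* length checked before any copy */
    for (size_t i = 0; i < 6; i++) {
        int hi = hex_val(in[i * 3]);
        int lo = hex_val(in[i * 3 + 1]);
        if (hi < 0 || lo < 0 || (i < 5 && in[i * 3 + 2] != ':'))
            return -1;
        tmp[i] = (uint8_t)((hi << 4) | lo);
    }
    memcpy(out, tmp, sizeof tmp);       /* fixed 6 bytes, never input-sized */
    return 0;
}

/* Parse a comma-separated list into a fixed-capacity table. Returns the entry
 * count, or -1 if an entry is malformed or the list exceeds cap entries. */
int parse_mac_list(const char *in, size_t len, uint8_t table[][6], size_t cap)
{
    size_t count = 0, start = 0;
    if (in == NULL || table == NULL) return -1;
    for (size_t i = 0; i <= len; i++) {
        if (i < len && in[i] != ',')
            continue;                   /* still inside an entry */
        if (count == cap) return -1;    /* capacity checked before the write */
        if (parse_mac(in + start, i - start, table[count]) != 0)
            return -1;
        count++;
        start = i + 1;
    }
    return (int)count;
}
```

On a -1 return the caller should discard the table, since entries parsed before the bad one may already have been written.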

Business impact

With a CVSS score of 8.8, this vulnerability allows an attacker to take complete control of the networking device. This can be used to intercept traffic, launch man-in-the-middle attacks, or pivot into the internal network, posing a severe threat to the entire connected infrastructure.

Remediation

Immediate Action: Apply the vendor-provided firmware update to resolve the vulnerability. If no update is available, isolate the device from the internet.

Proactive Monitoring: Monitor network traffic for suspicious RPC commands and check for unauthorized changes to MAC filter configurations or device settings.

Compensating Controls: Disable remote management interfaces on the device and ensure it is behind a robust firewall that limits access to administrative ports.

Exploitation status

Public Exploit Available: true

Analyst recommendation

Because this device is a network gateway, its compromise is particularly dangerous. Administrators must ensure the firmware is updated immediately and restrict management access to prevent remote attackers from triggering this overflow.