Stack-based Buffer Overflow in JingDong JD Cloud Box AX6600 set_macfilter

Successful exploitation can cause severe compromise of the affected device, including potential arbitrary code execution in the context of the vulnerable process, loss of service due to process or device crashes, and possible full compromise of confidentiality, integrity, and availability on the appliance. The supplied CVSS vectors indicate high impact across C, I, and A. Because the flaw is remotely reachable and exploit details are public, the operational risk is elevated.

Until a fix is available, restrict network access to the management interface and any service path that can reach /sbin/jdcweb_rpc, ideally limiting access to a dedicated administrative network or trusted hosts only. Disable remote administration if not required. Place the device behind firewall rules or ACLs to prevent untrusted network access, monitor for abnormal requests targeting MAC filter configuration functionality, and consider replacing the device if exposure cannot be reduced. Because public exploit disclosure is noted, internet exposure should be treated as high risk.

Upgrade to a vendor-fixed firmware release if one becomes available. If no patched version has been published, the vulnerable firmware version 4.5.3.r4546 should be replaced or the affected device removed from production exposure. The vulnerable code path in set_macfilter within /sbin/jdcweb_rpc should be corrected by enforcing strict bounds checking on all copied or parsed input, using length-limited memory/string operations, and validating MAC filter parameters before they are written to stack-allocated buffers. Given the report that the vendor did not respond, currently available remediation information is limited to avoiding use of the affected version and applying any future vendor update immediately.