CVE advisoryCRITICAL
CVE-2025-66848
JD Cloud NAS Router Unauthorized Remote Command Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
JD Cloud NAS routers are affected by an unauthorized remote command execution vulnerability. Attackers can exploit this critical flaw to gain unauthorized control of the devices over the internet, potentially impacting confidentiality, integrity, and availability.