JingDong JD Cloud Box AX6600 Remote Privilege Escalation Vulnerability
Vulnerability
A remote privilege escalation vulnerability has been identified in the JingDong JD Cloud Box AX6600, affecting versions up to and including 4.5.1.r4533. The issue lies in the 'cast_streen' function of the 'jdcweb_rpc' component, specifically in the '/jdcapi' file. The 'File' argument of that function is not properly validated or filtered, so a remote attacker can manipulate it and obtain elevated privileges on the device.
Impact
Exploitation of this vulnerability allows for remote command execution on the affected device, with the potential to escalate privileges.
Reproduction
The vulnerability can be reproduced by sending a request to the 'cast_streen' interface of the '/jdcapi' file in the 'jdcweb_rpc' component with a manipulated 'File' argument; the function performs no proper input validation or filtering on that argument. The request can be sent remotely, and a proof-of-concept exploit is publicly available.
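The advisory identifies the endpoint ('/jdcapi'), the function ('cast_streen') and the unvalidated argument ('File') but nothing else about the request format. The following added example (not code from the advisory or from JD Cloud) shows the allowlist check the device lacks, applied as a log-scanning detection; the 'func' query-parameter name, the GET-style request shape and the log lines are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Hypothetical allowlist for the 'File' argument. The advisory only says the
# argument is not validated or filtered, so the exact rule here is an assumption:
# a plain file name, no path separators, no shell metacharacters, no whitespace.
SAFE_FILE_RE = re.compile(r"[A-Za-z0-9_.-]{1,128}")


def file_argument_is_safe(value: str) -> bool:
    """True only if 'File' is a bare file name without parent-directory segments."""
    return bool(SAFE_FILE_RE.fullmatch(value)) and ".." not in value


def classify_request(target: str) -> str:
    """Classify one request target (path + query).
    'ignore'  - not a cast_streen call on /jdcapi
    'ok'      - cast_streen call whose File argument passes the allowlist
    'alert'   - cast_streen call with a missing or unsafe File argument"""
    parts = urlsplit(target)
    if parts.path != "/jdcapi":
        return "ignore"
    params = parse_qs(parts.query, keep_blank_values=True)
    # Assumption: the RPC function is selected by a 'func' parameter; the
    # advisory does not say how cast_streen is addressed in the request.
    if "cast_streen" not in params.get("func", []):
        return "ignore"
    files = params.get("File", [])
    if not files:
        return "alert"
    return "ok" if all(file_argument_is_safe(f) for f in files) else "alert"


def scan_access_log(lines):
    """Return the Common Log Format lines whose request should raise an alert."""
    hits = []
    for line in lines:
        m = re.search(r'"(?:GET|POST) (\S+) HTTP/', line)
        if m and classify_request(m.group(1)) == "alert":
            hits.append(line)
    return hits


# Constructed sample log lines (not taken from the advisory or a real device).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /jdcapi?func=cast_streen&File=clip.mp4 HTTP/1.1" 200 17',
    '10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /jdcapi?func=cast_streen&File=..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 17',
    '10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /jdcapi?func=cast_streen&File=clip.mp4%3Bid HTTP/1.1" 200 17',
    '10.0.0.8 - - [01/Jan/2024:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in scan_access_log(SAMPLE_LOG):
        print("ALERT:", hit)
```

The same `file_argument_is_safe` check, placed in front of the `cast_streen` handler, is the input validation whose absence the advisory describes; percent-encoded values are decoded by `parse_qs` before the check, so encoding does not bypass it.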
