JD Cloud JDCOS Service jdcap set_iptv_info command injection_CVE-2026-7705

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-7705

Source VulDB

Published May 3, 2026 at 22:00

Affected Product

Vendor JD Cloud

Product JDCOS

Version 4.5.1.r4518

Affected Versions JD Cloud JDCOS 4.5.1.r4518

CWE Classification

CWE-77 CWE-74

References

{
    "lastseen": "",
    "description": "A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-03T22:00:15.286Z",
    "modified": "2026-05-03T22:00:15.286Z",
    "type": "cve",
    "title": "JD Cloud JDCOS Service jdcap set_iptv_info command injection",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/360881\nhttps://vuldb.com/vuln/360881/cti\nhttps://vuldb.com/submit/805644\nhttps://www.notion.so/3430c75766a8802dbde3dc8a372c7f46",
    "id": "CVE-2026-7705",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "JD Cloud JDCOS 4.5.1.r4518",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "JDCOS",
    "version": "4.5.1.r4518",
    "vendor": "JD Cloud",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}