Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Edimax IC-7100 IP Camera OS Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

Exploited

A vulnerability exists in the Edimax IC-7100 IP camera due to improper neutralization of requests, allowing an attacker to send specially crafted requests that can be executed as commands on the device, leading to remote code execution. This issue affects all versions of the IC-7100 IP camera.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected device.

Remediation

Edimax has not responded to CISA requests for coordination on this vulnerability. Affected users are encouraged to contact Edimax customer support. CISA recommends minimizing network exposure for control system devices, locating them behind firewalls, and using secure remote access methods such as VPNs. Organizations should also perform impact analysis and risk assessment before deploying defensive measures.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

9.7

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

9.7

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Edimax IC-7100 IP Camera OS Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

Edimax IC-7100

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating