CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2025-1316

Critical Severity
Edimax
SVRS
84/100
CVSSv3
9.8/10
EPSS
0.72695/1

CVE-2025-1316 is a critical vulnerability affecting Edimax IC-7100 devices, allowing for remote code execution. The device fails to properly neutralize requests, enabling attackers to execute arbitrary code by sending specially crafted requests. With a SOCRadar Vulnerability Risk Score (SVRS) of 84, this vulnerability demands immediate attention and remediation. This high SVRS, coupled with its listing in the CISA KEV catalog and the existence of active exploits, underscores the urgency. Successful exploitation could lead to complete system compromise and unauthorized access to sensitive data. The presence of active exploits 'In The Wild' significantly elevates the risk. Organizations using Edimax IC-7100 devices should immediately apply available patches or mitigations to prevent potential attacks.

TAGS
In The Wild
CISA KEV
Exploit Available
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:N
S:U
C:H
I:H
A:H
PUBLICATION DATE2025-03-05
LAST MODIFIED2025-03-25
Eye Icon
SOCRadar
AI Insight

Description

CVE-2025-1316 describes a remote code execution vulnerability in the Edimax IC-7100 IP camera. The device fails to properly neutralize requests, allowing an attacker to craft malicious requests that can lead to arbitrary code execution on the device. The SOCRadar Vulnerability Risk Score (SVRS) is 34. The vulnerability is actively exploited by hackers.

Key Insights

  • Remote Code Execution: The core issue is the potential for remote code execution. This is a highly critical vulnerability as it grants an attacker the ability to execute arbitrary commands on the compromised device, potentially leading to complete system compromise.
  • CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')): The categorization under CWE-78 indicates that the vulnerability likely stems from inadequate sanitization or validation of user-supplied input before being used in OS commands. This allows attackers to inject malicious commands that the system executes.
  • Active Exploitation In the Wild: The vulnerability is actively exploited by hackers, which increases the urgency for immediate remediation, even though the SVRS is moderate.
  • Impact on IoT Devices: As the vulnerability affects an IP camera, successful exploitation could lead to unauthorized surveillance, access to the local network, or use of the camera in a botnet.

Mitigation Strategies

  1. Firmware Updates: Immediately check for and apply any available firmware updates provided by Edimax for the IC-7100. Firmware updates often include patches for known security vulnerabilities.

  2. Network Segmentation: Isolate the Edimax IC-7100 on a separate network segment or VLAN to limit the potential impact of a successful exploit. This can prevent attackers from pivoting to other devices or systems on the network.

  3. Input Validation and Sanitization: While the vendor needs to address the root cause, consider implementing network-level security controls to filter or block suspicious requests targeting the camera. This could include using a web application firewall (WAF) or intrusion detection/prevention system (IDS/IPS) to identify and block potentially malicious input.

Additional Information

While the CVSS score is low (0) the fact the vulnerability is being exploited in the wild means the impact could still be high and the CVSS score does not accurately represent the level of urgency. If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
Edimax IC-7100 IP Camera OS Command Injection Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2025-13162025-03-19
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA2025-05-01
CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA has added three new vulnerabilities to its&nbsp;Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. <a class="fui-Link ___1q1shib f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" href="https://www.cve.org/CVERecord?id=CVE-2025-1316" rel="noreferrer noopener" target="_blank" title
us-cert.gov
rss
forum
news
The Good, the Bad and the Ugly in Cybersecurity – Week 12
SentinelOne2025-03-21
The Good, the Bad and the Ugly in Cybersecurity – Week 12 | Three new bugs added to CISA's KEV catalog, RaaS affiliates use new custom backdoor, and compromised GitHub Action exposes CI/CD secrets.The Good | CISA Updates Its KEV Catalog, Reminding Users to Prioritize Patch Management CISA has added three newly exploited vulnerabilities to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog
sentinelone.com
rss
forum
news
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation
Ajit Jasrotia2025-03-20
CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup &#38; Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to read files [&#8230;] The post CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation
allhackernews.com
rss
forum
news
U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog
Pierluigi Paganini2025-03-20
U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog | U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: In early March, 2025, US CISA warned that multiple botnets are exploiting a [&#8230;] <h2
securityaffairs.co
rss
forum
news
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
Ajit Jasrotia2025-03-17
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year | An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on [&#8230;] The post Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last
allhackernews.com
rss
forum
news
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
Divya2025-03-14
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware | A recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command injection vulnerability in Edimax Internet of Things (IoT) devices. This vulnerability, designated as CVE-2025-1316, has been actively used by multiple botnets to spread Mirai malware. Mirai is notorious for compromising IoT devices and orchestrating distributed [&#8230;] The post Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware appeared first on
gbhackers.com
rss
forum
news
Zero day escraviza câmeras Edimax em botnets
Da Redação2025-03-11
Zero day escraviza câmeras Edimax em botnets | Botnets estão explorando uma vulnerabilidade crítica na câmera IP Edimax IC-7100, segundo alerta da CISA, agência de segurança cibernética dos EUA. A falha, identificada como CVE-2025-1316, permite a execução remota de comandos por meio de solicitações maliciosas. A CISA alertou que a vulnerabilidade provavelmente não será corrigida, pois os dispositivos afetados atingiram o fim da [&#8230;] Fonte
cisoadvisor.com.br
rss
forum
news

Social Media

#Vulnerability #CVE20251316 CISA Warns of Critical Edimax IP Camera Flaw (CVE-2025-1316) with Public Exploits and No Vendor Fix https://t.co/xwpSrmPRrw
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/vPyqArCfJw
0
1
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/GRFuC3CNZA
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/7vWCIHDX4z
0
0
1
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/BkPtzM5MOF
0
0
2
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/Tz4Bm2iH2q
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/JnxLgrCPxh
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/UjaRScZIxM
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/57lGuj55Dc
0
0
0
🚨#hack #snaphack📢📢📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin ฿ #easymoney #purchasesnaphacking Old Cameras, New Threats 🔥 A critical flaw (CVE-2025-1316, CVSS 9.3) in Edimax IC-7100 cameras is under active attack—turning unpatched devices‼ https://t.co/3UPYEm6QbP
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
OSEdimaxic-7100_firmware

References

ReferenceLink
[email protected]https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
[email protected]https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08

CWE Details

CWE IDCWE NameDescription
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence