Summary: A critical command injection vulnerability (CVE-2025-1316) affecting the Edimax IC-7100 IP camera is currently being exploited by botnet malware that compromises devices. Despite attempts by both Akamai and the U.S. Cybersecurity & Infrastructure Agency (CISA) to contact the manufacturer, Edimax, the device, categorized as end of life, is unlikely to receive further updates or a patch. Users are advised to take impacted devices offline or replace them with actively supported products to mitigate risks.
Affected: Edimax IC-7100 IP camera
Keypoints :
- Vulnerability tracked as CVE-2025-1316 with a critical CVSS score of 9.3.
- Remote attackers can exploit the flaw for remote code execution through specially crafted requests.
- CISA recommends minimizing internet exposure and using secure VPNs for remote access.