Edimax IC-7100 IP Camera

Act Now9.8ICS-CERT ICSA-25-063-08Mar 4, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Edimax IC-7100 IP Camera is vulnerable to remote code execution via specially crafted requests sent to the device. All versions are affected. An attacker can exploit this vulnerability without authentication to execute arbitrary code on the camera. Edimax has not responded to CISA coordination requests and no patch is currently available.

What this means

What could happen

An attacker can send specially crafted requests to execute arbitrary code on the camera. This could allow full compromise of the device, potentially enabling surveillance manipulation, video feed interference, or use as a pivot point to attack the plant network.

Who's at risk

Security and surveillance teams at water utilities and power plants using Edimax IC-7100 cameras for facility monitoring, plant perimeter surveillance, or control room recording. This affects any organization using these cameras in operational networks.

How it could be exploited

An attacker on the network (or internet if the camera is exposed) sends a crafted request to the camera's web service. The camera executes the attacker's code without authentication, giving the attacker full control of the device.

Prerequisites

Network access to the camera (HTTP/HTTPS ports)
No authentication required

Remotely exploitableNo authentication requiredLow complexityActively exploited (KEV)High EPSS score (85.1%)No patch availableAll versions affected

Exploitability

Actively exploited — confirmed by CISA KEV

Affected products (1)

ProductAffected VersionsFix Status

IC-7100 IP Camera: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/3

WORKAROUNDIsolate the IC-7100 camera from the internet and restrict network access to only authorized personnel and systems using firewall rules or network segmentation

HARDENINGIf remote access is required, implement a VPN connection to access the camera rather than exposing it directly to the network

HARDENINGMonitor the camera and network for suspicious activity, particularly unexpected requests or connections

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXContact Edimax customer support to inquire about security updates or replacement options

CVEs (1)

CVE-2025-1316

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/1850b807-9f58-4184-8436-bf80fa158393