Edimax IC-7100 IP Camera

Act NowCVSS 9.8ICS-CERT ICSA-25-063-08Mar 4, 2025

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

The Edimax IC-7100 IP Camera is vulnerable to remote code execution through specially crafted network requests. An attacker can send requests without authentication to execute arbitrary commands on the device. All versions of the IC-7100 are affected. Edimax has not coordinated with CISA and has not released patches. The vulnerability is actively being exploited in the wild.

What this means

What could happen

An attacker on the network can execute arbitrary commands on the IP camera, potentially disabling surveillance, feeding false video feeds, or using the device as a pivot point to access other systems on your network.

Who's at risk

Any organization using Edimax IC-7100 IP cameras for facility surveillance, access control, or monitoring of industrial processes. This affects security and surveillance infrastructure in manufacturing plants, water utilities, power facilities, and municipal buildings.

How it could be exploited

An attacker sends specially crafted requests over the network to the camera's HTTP/HTTPS interface without needing credentials. The device executes the attacker's commands with camera privileges, allowing full control of the device.

Prerequisites

Network access to the IP camera over HTTP or HTTPS (typically port 80 or 443)
No authentication required
Device must be reachable from attacker's network segment

remotely exploitableno authentication requiredlow complexityactively exploited (KEV)high EPSS score (85.4%)no patch availableall product versions affected

Exploitability

Actively exploited — confirmed by CISA KEV

Affected products (1)

ProductAffected VersionsFix Status

IC-7100 IP Camera: vers:all/*All versionsNo fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGIsolate all Edimax IC-7100 cameras from internet access by ensuring they are not exposed to public networks or accessible from outside your facility.

HARDENINGPlace IC-7100 cameras behind a firewall and on a separate network segment from business systems and other critical infrastructure.

WORKAROUNDRestrict network access to the cameras to only the management workstations and recording systems that need to communicate with them using firewall rules and ACLs.

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HARDENINGMonitor the camera's network traffic for signs of malicious activity. If intrusion detection is available, enable alerts for suspicious HTTP/HTTPS requests to the camera.

WORKAROUNDContact Edimax customer support to request information on product end-of-life status and discuss replacement options for this unsupported model.

CVEs (1)

CVE-2025-1316

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/1850b807-9f58-4184-8436-bf80fa158393

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.