Flawed Edimax IP camera abused in botnet attacks

March 28, 2025

Botnet malware operators are currently exploiting a severe command injection flaw in the Edimax IC-7100 IP camera. According to reports, more technical details about this new malicious operation and the bug will be released next week.

After detecting the problem, the researchers who discovered the activity reported it to the United States Cybersecurity and Infrastructure Security Agency (CISA), which sought to contact the Taiwanese vendor.

CISA and the researchers attempted to contact the affected vendor several times, but neither has yet received a response. However, the company stated separately that the device, which is vulnerable to the botnet campaign, had reached the end of its life cycle and would no longer receive updates.

Still, since the company could not provide additional information, this CVE may affect various devices, and a patch is unlikely to be released.

 

Edimax IP cameras are built for surveillance in various types of spaces.

 

The vulnerable Edimax IC-7100 is an IP security camera that can be used for remote surveillance in various places, such as homes, small office buildings, commercial facilities, and industrial environments.

This product, released in October 2011, is no longer available through retail channels. Additionally, the company describes it as one of its ‘legacy products.’ This detail implies that it is no longer made and likely no longer supported.

However, most of these gadgets may still be used around the world.

The Edimax vulnerability, CVE-2025-1316, is a critical-severity (CVSS v4.0 score 9.3) OS command injection bug caused by improper neutralisation of incoming requests. A remote attacker could exploit this flaw to gain remote code execution by submitting specially crafted queries to the device.

Botnets commonly exploit these devices to perform DDoS attacks, proxy malicious traffic, or pivot to other devices on the network. Given the scenario and active exploitation status of CVE-2025-1316, impacted devices should be discarded or replaced with actively supported products.

Law enforcement agencies urge users to avoid using vulnerable devices for important tasks such as surveillance. Edimax users who still use the vulnerable version should start looking for a replacement.
