CVE-2025-1316 CRITICAL

CVE-2025-1316: Edimax IC-7100 IP Camera OS Command Injection

Vendor Edimax

Product IC-7100 IP Camera

Weakness CWE-78

KEV Status Known Exploited

Published March 4, 2025

Last update October 21, 2025

View on NVD All CVEs

CVSS base score

9.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device

CISA mandated remediation

02CISA Required Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Key dates

03Disclosure timeline

March 4, 2025 CVE published

October 21, 2025 Record updated

External resources

04References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-1316 CISA KEV Reference https://www.edimax.com/edimax/post/post/data/edimax/global/pre… CISA KEV Reference https://nvd.nist.gov/vuln/detail/CVE-2025-1316

Related vulnerabilities

CVE-2025-1316: Edimax IC-7100 IP Camera OS Command Injection

01Description

02CISA Required Action

03Disclosure timeline

04References

05Related CVE