CyberSecurity news
FlagThis
Pierluigi Paganini@Security Affairs
//
A critical command injection vulnerability, CVE-2025-1316, affecting Edimax Internet of Things (IoT) devices is being exploited to spread Mirai malware. According to reports, multiple botnets are actively targeting Edimax IP cameras, exploiting the flaw to compromise devices and incorporate them into their networks. The attacks involve leveraging default credentials to facilitate the deployment of Mirai, known for orchestrating distributed denial-of-service (DDoS) attacks.
Initial exploitation attempts were observed as early as May 2024, with increased activity in September and again from January to February 2025. Although a proof-of-concept exploit has been available since June 2023, the intrusions highlight the ongoing risk posed by unpatched vulnerabilities in IoT devices. Edimax has stated that the affected IP cameras are end-of-life for over 10 years and they are unable to provide patches. Organizations are urged to update software and firmware.
ImgSrc: securityaffairs
References :
Initial exploitation attempts were observed as early as May 2024, with increased activity in September and again from January to February 2025. Although a proof-of-concept exploit has been available since June 2023, the intrusions highlight the ongoing risk posed by unpatched vulnerabilities in IoT devices. Edimax has stated that the affected IP cameras are end-of-life for over 10 years and they are unable to provide patches. Organizations are urged to update software and firmware.
ImgSrc: securityaffairs
Share:
References :
- gbhackers.com: Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
- MSSP feed for Latest: Botnet Attacks Exploiting Edimax IP Camera Zero-Day Ongoing For Nearly One Year
- www.scworld.com: Attacks exploiting Edimax IP camera zero-day ongoing for nearly a year
- cyble.com: One of the most concerning vulnerabilities in the new CISA catalog is , which affects the Edimax IC-7100 IP Camera. This vulnerability, identified on March 4, 2025, is an OS Command Injection Vulnerability that allows attackers to execute arbitrary commands on the device remotely.
- chemical-facility-security-news.blogspot.com: CISA Adds Edimax Vulnerability to KEV Catalog
- securityaffairs.com: U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog
Classification:
- HashTags: #IoT #Mirai #Vulnerability
- Company: Edimax
- Target: Edimax Internet of Things (IoT) devices
- Product: Edimax IP Camera
- Feature: Command Injection
- Malware: Mirai
- Type: Malware
- Severity: Major