CVE-2025-1316
Published: 05 March 2025
Summary
CVE-2025-1316 is a critical-severity OS Command Injection (CWE-78) vulnerability in Edimax Ic-7100 Firmware. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 0.6% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
Edimax IC-7100 devices contain an OS command injection vulnerability (CWE-78) because the firmware does not properly neutralize user-supplied input in network requests. The flaw affects the web interface of this IP camera model and carries a CVSS 4.0 score of 9.3, reflecting network attackability without authentication or user interaction.
An unauthenticated remote attacker can submit specially crafted HTTP requests that result in arbitrary command execution on the device, granting full control over the camera’s operating system and any attached storage or network resources.
CISA has published ICSA-25-063-08 and added CVE-2025-1316 to its Known Exploited Vulnerabilities Catalog, indicating that federal agencies and critical-infrastructure operators should treat the issue as actively exploited and apply vendor patches or mitigations without delay.
The vulnerability’s EPSS score currently stands at 0.8675 with a recorded peak of 0.8729, confirming sustained exploitation interest after public disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6192
Vulnerability details
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device
- CWE(s)
- KEV Date Added
- 19 March 2025
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The CVE describes unauthenticated remote code execution via OS command injection (CWE-78) on a public-facing network device, directly enabling T1190 (Exploit Public-Facing Application) for initial access and T1059.004 (Unix Shell) for arbitrary command execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires information input validation mechanisms to neutralize specially crafted requests and prevent command injection leading to remote code execution.
Mandates timely identification, reporting, and correction of the specific flaw in request neutralization to remediate the RCE vulnerability.
Monitors and controls communications at external boundaries to block or restrict network-based crafted requests targeting the vulnerable device.