A security flaw (CVE-2025-1316) in Edimax IC-7100 cameras has been exploited since May 2024 to install Mirai botnet malware. This command injection vulnerability allows attackers to execute remote commands using default credentials. Akamai reported that attacks have utilized a known endpoint in the device's firmware. With no update provided by Edimax for these legacy models, users remain vulnerable. The botnet is part of a larger threat exploiting several vulnerabilities to conduct distributed denial-of-service (DDoS) attacks.
The exploit targets the /camera-cgi/admin/param.cgi endpoint in Edimax devices, and injects commands into the NTP_serverName option.
Akamai researchers detail that exploitation attempts utilize default credentials such as admin:1234 to gain unauthorized access.
Collection
[
|
...
]