Edimax IP Camera NTP_serverName command injection

Added: 03/21/2025
CVE: CVE-2025-1316

Background

Edimax IP Cameras are a product line of security cameras that send video footage over an IP network.

Problem

A command injection vulnerability in the NTP_serverName POST parameter of an update request allows remote attackers to execute arbitrary commands. This vulnerability can be exploited using a well-known default password.

Resolution

Minimize network exposure of the device, and ensure that it is not reachable from the Internet. Use a VPN if remote access is needed.
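For monitoring traffic that does reach the device, the following check flags form-encoded POST bodies whose NTP_serverName value is anything other than a plain hostname or IP address. It is an added example, not part of the original advisory or vendor code; the sample bodies and the placeholder_field name are constructed, and only NTP_serverName comes from the advisory.

```python
import ipaddress
import re
from urllib.parse import parse_qs

# One RFC 1123 hostname label: letters, digits, hyphen; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_plain_ntp_server(value: str) -> bool:
    """True only if value is an IP literal or a syntactically valid hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        pass
    if value.endswith("."):          # tolerate one trailing dot (FQDN form)
        value = value[:-1]
    if not value or len(value) > 253:
        return False
    # fullmatch rejects whitespace, newlines and every shell metacharacter.
    return all(_LABEL.fullmatch(label) for label in value.split("."))


def audit_post_body(body: str) -> list[str]:
    """Return the decoded NTP_serverName values in a POST body that are not plain hosts."""
    fields = parse_qs(body, keep_blank_values=True)
    return [v for v in fields.get("NTP_serverName", []) if not is_plain_ntp_server(v)]


# Constructed sample bodies, e.g. as logged by a proxy in front of the camera.
SAMPLE_BODIES = [
    "placeholder_field=1&NTP_serverName=pool.ntp.org",
    "placeholder_field=1&NTP_serverName=192.0.2.10",
    "placeholder_field=1&NTP_serverName=time.example.org%3Bid",
    "placeholder_field=1&NTP_serverName=%24%28id%29",
]


def flag_requests(bodies: list[str]) -> list[tuple[int, str]]:
    """Return (index, offending value) for every body that should raise an alert."""
    return [(i, v) for i, body in enumerate(bodies) for v in audit_post_body(body)]


if __name__ == "__main__":
    for index, value in flag_requests(SAMPLE_BODIES):
        print(f"ALERT body #{index}: suspicious NTP_serverName {value!r}")
```

The check is an allowlist on the decoded value, so it also catches encodings and separators that a blocklist of specific metacharacters would miss.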

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08

Limitations

The exploit only works if the default device password is unchanged.