Negative Exposure: Edimax Network Cameras Used to Spread Mirai

216.73.216.6

Negative Exposure: Edimax Network Cameras Used to Spread Mirai

· Published 17/03/2025 09:28 · Modified 17/03/2025 10:05

Essential information

Published: 17/03/2025 09:28
Modified: 17/03/2025 10:05
Tags: 2025-03-17 botnet exploit malware mirai sha256 sha256 hash
Related entities: 28 observables, 3 techniques (mitre), 1 malware

Description

The Akamai Security Intelligence and Response Team (SIRT) has identified a critical command injection vulnerability, CVE-2025-1316, in Edimax IC-7100 IP cameras. This flaw allows attackers to execute arbitrary commands remotely, leading to the integration of these devices into Mirai-based botnets. The vulnerability stems from improper neutralization of special elements in OS commands, enabling remote code execution through specially crafted requests. Despite detection efforts, Edimax has not provided patches, leaving affected devices exposed to ongoing exploitation.

External references

https://www.akamai.com/blog/security-research/2025/mar/march-edimax-cameras-command-injection-mirai
https://otx.alienvault.com/pulse/67d7eb546507ad4fb355245f