Edimax IC-6220DC和Edimax IC-5150W 命令注入漏洞

Edimax IC-6220DC and Edimax IC-5150W are both smart wireless cameras from China Xunzhou Edimax. Command injection vulnerability exists in Edimax IC-6220DC and Edimax IC-5150W version 3.06 and earlier, which stems from the parameter host of the function cgiFormString in the file ipcamcgi, which ca...

CVE-2024-7616 Edimax IC-6220DC/IC-5150W ipcam_cgi cgiFormString command injection

A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcamcgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this...

CVE-2024-7616

Edimax IC-6220DC and IC-5150W (firmware ≤ 3.06) expose a command-injection vulnerability in the ipcam_cgi module, specifically via the cgiFormString function manipulating the host argument. Exploitation could yield unauthorized commands on affected devices. Remediation from the connected sources:...

CVE-2018-8072

Summary: A stack-based buffer overflow in the EDIMAX IP cameras affects IC-3140W (≤3.06), IC-5150W (≤3.09), and IC-6220DC (≤3.06) due to the ipcam_cgi binary. A remote unauthenticated HTTP request to /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE can overflow the stack if VALUE_HERE > ...