An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP reque...
8.8CVSS
8.9AI Score
0.002EPSS
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGet...
9.8CVSS
9.3AI Score
0.004EPSS
The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices.
8.1CVSS
8AI Score
0.007EPSS
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
9.8CVSS
9.4AI Score
0.003EPSS