A critical command injection vulnerability in the Edimax IC-7100 IP camera is currently being exploited by botnet malware. Discovered by Akamai researchers, the vulnerability (CVE-2025-1316) carries a CVSS v4.0 score of 9.3 and allows attackers to execute remote code by sending specially crafted requests to affected devices.

After discovering the flaw, Akamai reported it to CISA, who attempted to contact Edimax. Unfortunately, the Taiwanese vendor did not respond, and no security update is currently available.

The Edimax IC-7100, released in October 2011, is now listed as a “legacy product” by the manufacturer, suggesting it’s no longer in production or supported. Despite limited retail availability, many of these surveillance cameras likely remain in use across homes, offices, and industrial settings worldwide.

Compromised devices are typically incorporated into botnets to launch DDoS attacks, proxy malicious traffic, or infiltrate other devices on the same network. Signs of compromise include performance degradation, excessive heating, unexpected setting changes, and unusual network traffic.

CISA recommends that users:
– Take affected devices offline or replace them with supported alternatives
– Minimize internet exposure for these cameras
– Place devices behind firewalls
– Isolate them from critical business networks
– Use up-to-date VPN products for secure remote access when needed

Akamai researchers plan to release more technical details about the vulnerability and associated botnet next week.