CVE-2018-8072
HIGHEDIMAX IC-3140W < 3.06, IC-5150W < 3.09, IC-6220DC < 3.06 - Stack Overflow via getsysyeminfo.cgi
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2018-8072. PoCs published by nemux.
Description
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
Exploits (1)
References (4)
Core 4
Core References
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://gitlab.com/nemux/CVE-2018-8072/blob/master/nemux_codemotion_Rome18_cover.pdf
Exploit, Third Party Advisory x_refsource_misc
https://gitlab.com/nemux/CVE-2018-8072/blob/master/CVE-2018-8072_PoC.txt
Patch, Third Party Advisory x_refsource_misc
https://www.nemux.org/2018/04/24/cve-2018-8072/
Patch, Product, Vendor Advisory x_refsource_confirm
https://www.edimax.com/edimax/download/download/data/edimax/uk/download/for_home/home_network_cameras/home_network_cameras_indoor_fixed/ic-3140w
Scores
CVSS v3
8.8
EPSS
0.0284
EPSS Percentile
84.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (3)
edimax/ic-3140w_firmware
< 3.06
edimax/ic-5150w_firmware
< 3.09
edimax/ic-6220dc_firmware
< 3.06
Published
Apr 26, 2018
Tracked Since
Feb 18, 2026