CVE-2025-1316
CRITICAL KEVEdimax IC-7100 Firmware - Remote Code Execution via Crafted Requests
Title source: llmExploitation Summary
CVE-2025-1316 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 19, 2025.
Description
Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device
References (2)
Core 2
Core References
Mitigation, Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-1316
Scores
CVSS v3
9.8
EPSS
0.8675
EPSS Percentile
99.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2025-03-19
VulnCheck KEV
2025-03-07
ENISA EUVD
EUVD-2025-6192
CWE
CWE-78
Status
published
Products (1)
edimax/ic-7100_firmware
Published
Mar 05, 2025
KEV Added
Mar 19, 2025
Tracked Since
Feb 18, 2026