CVE-2025-1316

CRITICAL KEV

Edimax Ic-7100 Firmware - OS Command Injection

Title source: rule

Description

Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device

References (2)

[Mitigation, Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-1316

Scores

CVSS v3 9.8

EPSS 0.8610

EPSS Percentile 99.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-03-19

VulnCheck KEV 2025-03-07

ENISA EUVD EUVD-2025-6192

CWE

CWE-78

Status published

Products (1)

edimax/ic-7100_firmware

Published Mar 05, 2025

KEV Added Mar 19, 2025

Tracked Since Feb 18, 2026