Another top security camera maker is seeing devices hijacked into botnet

(Image credit: Shutterstock / Jaiz Anuar)

A vulnerability in an old camera is being used to create a botnet
The camera is no longer supported by its vendor and will not receive a patch
Users are advised to move to a newer model

Security researchers are warning cybercriminals are abusing a command injection vulnerability in an old IP camera to build out a botnet.

The IC-7100, manufactured by a Taiwanese networking gear maker called Edimax, is vulnerable to a command injection flaw caused by the improper neutralization of incoming requests, security researchers from Akamai found.

Akamai says that a malicious group is using this flaw right now to build out a botnet - however it isn't known which botnet, or how big it is - although usually, botnets are used in DDoS attacks, illegal proxy services, ad click fraud, and more.

Obtaining confidential information

The flaw is tracked as CVE-2025-1316, and has a severity score of 9.3/10 (critical). It allows threat actors to send a custom-crafted request to the device, and thus gain remote code execution (RCE) capabilities.

The US Cybersecurity and Infrastructure Security Agency (CISA) reportedly tried reaching out to Edimax, to no avail. Akamai was somewhat luckier, being told by Edimax that the camera reached end-of-life and was no longer supported. However, the manufacturer did not say if other, newer models, were also susceptible to the same flaw, and if it would be addressing it any time soon.

The Edimax IC-7100 is a network camera designed for home and small business surveillance. It is used by homeowners, small businesses & retail stores, in offices, and by remote workers. It was released in 2011, and its discontinuation date isn't specified. Unfortunately, many owners don’t keep track of outdated gear, and continue to use hardware and software that is no longer supported, putting themselves at risk.

Unfortunately, the only way to defend against this attack is to remove the cameras and replace them with newer, supported models. Putting it behind the firewall might help mitigate the risk, but it won’t eliminate it entirely.

Via BleepingComputer

Web DDoS attacks see major surge as AI allows more powerful attacks
We've rounded up the best password managers
Take a look at our guide to the best authenticator app

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.