Edimax Says No Patches Coming for Zero-Day Exploited by Botnets - SecurityWeek

Edimax has confirmed it cannot patch CVE-2025-1316, a critical command execution vulnerability in its discontinued IC-7100 IP cameras currently being exploited by Mirai-based botnets. The vulnerability requires authentication but succeeds against devices with default credentials. Edimax cannot provide fixes as the product was discontinued over 10 years ago and they lack access to the development environment and source code. Users are advised to avoid internet exposure, implement firewall restrictions, change default credentials, and monitor for suspicious activity.