## https://sploitus.com/exploit?id=SAINT:2CEDD0194C77120545A6315E534CFE66
Added: 03/21/2025
CVE: CVE-2025-1316
### Background
Edimax IP Cameras are a product line of security cameras which send video footage over an IP network.
### Problem
A command injection vulnerability in the `**NTP_serverName**` POST parameter of an update request allows remote attackers to execute arbitrary commands. This vulnerability can be exploited using a well known default password.
### Resolution
Minimize network exposure of the device, and ensure that it is not reachable from the Internet. Use a VPN if remote access is needed.
### References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-08
### Limitations
Exploit only works if the default device password is unchanged.