Vulnerabilities (CVE)

Filtered by vendor Edimax Subscribe
Filtered by product Ic-3140w
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40597 1 Edimax 2 Ic-3140w, Ic-3140w Firmware 2023-12-10 10.0 HIGH 9.8 CRITICAL
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
CVE-2021-30165 1 Edimax 2 Ic-3140w, Ic-3140w Firmware 2023-12-10 5.0 MEDIUM 8.1 HIGH
The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices.
CVE-2020-26762 1 Edimax 4 Ic-3116w, Ic-3116w Firmware, Ic-3140w and 1 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08.
CVE-2018-8072 1 Edimax 6 Ic-3140w, Ic-3140w Firmware, Ic-5150w and 3 more 2023-12-10 5.8 MEDIUM 8.8 HIGH
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function.