Filtered by vendor Edimax
Subscriptions
Filtered by product Ic-3140w
Subscriptions
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-40597 | 1 Edimax | 2 Ic-3140w, Ic-3140w Firmware | 2024-11-21 | 9.8 Critical |
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. | ||||
CVE-2021-30165 | 1 Edimax | 2 Ic-3140w, Ic-3140w Firmware | 2024-11-21 | 7.5 High |
The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices. | ||||
CVE-2020-26762 | 1 Edimax | 4 Ic-3116w, Ic-3116w Firmware, Ic-3140w and 1 more | 2024-11-21 | 9.8 Critical |
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08. | ||||
CVE-2018-8072 | 1 Edimax | 6 Ic-3140w, Ic-3140w Firmware, Ic-5150w and 3 more | 2024-11-21 | N/A |
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function. |
Page 1 of 1.