CVE-2024-7616: Edimax IC-6220DC/IC-5150W ipcam_cgi cgiFormString command injection
First published: Thu Aug 08 2024(Updated: )
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Edimax Ic-6220dc Firmware | <=3.06 | |
| Edimax IC-6220DC | ||
| All of | ||
| Edimax Ic-5150w Firmware | <=3.06 | |
| Edimax Ic-5150w |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://vuldb.com/?id.273986
- https://vuldb.com/?ctiid.273986
- https://vuldb.com/?submit.383845
- https://yjz233.notion.site/edimax-IC-6220DC-has-command-injection-vulnerability-in-ipcam_cgi-2029d67721f2473b8cfce5e286a70307?pvs=4
- https://yjz233.notion.site/edimax-IC-5150W-has-command-injection-vulnerability-in-ipcam_cgi-cc72c7b7e2f24ba6a6609b6fcf78df34
- agent/title
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/tags
- agent/epss
- vendor/edimax
- canonical/edimax ic-6220dc firmware
- version/edimax ic-6220dc firmware/3.06
- canonical/edimax ic-6220dc
- canonical/edimax ic-5150w firmware
- version/edimax ic-5150w firmware/3.06
- canonical/edimax ic-5150w