Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ic\-3140w_firmware
(Edimax)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-29 | CVE-2021-40597 | The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. | Ic\-3140w_firmware | 9.8 | ||
| 2021-04-27 | CVE-2021-30165 | The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices. | Ic\-3140w_firmware | 8.1 | ||
| 2020-12-01 | CVE-2020-26762 | A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08. | Ic\-3116w_firmware, Ic\-3140w_firmware | 9.8 | ||
| 2018-04-26 | CVE-2018-8072 | An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function. | Ic\-3140w_firmware, Ic\-5150w_firmware, Ic\-6220dc_firmware | 8.8 |