GCVE - cpe:2.3:h:edimax:ic-3140w:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:edimax:ic-3140w:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Edimax (`b21209bc-38b2-5a9c-baa2-25a5068c39e9`)
Product	Ic 3140W (`098ffdcb-ab68-59fe-9d29-870c6bdfe1bc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-40597`	not_vulnerable	2026-06-03 14:45:24.413529	Details available The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. Published: 2022-06-29T19:44:58.000Z Updated: 2024-08-04T02:44:10.864Z Open on db.gcve.eu Reference links https://www.edimax.com/edimax/download/download/data/edimax/global/download/ https://drive.google.com/file/d/1ZPFwAoO8tAD0zrWwVZ9W6-CUCrcM0Exm/view?usp=sharing https://drive.google.com/file/d/1DZCzVULjchY0rSJBXIPr0gJM1qWCcAZ5/view?usp=sharing	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-30165`	not_vulnerable	2026-06-03 14:44:27.411467	EDIMAX Technology Co., Ltd. HD Wireless Day & Night Network Camera IC-3140W - Hard-coded password HIGH (7.5) The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices. Published: 2021-04-27T03:07:36.944Z Updated: 2024-09-17T00:21:26.883Z Open on db.gcve.eu Reference links https://www.twcert.org.tw/tw/cp-132-4670-359c8-1.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-26762`	not_vulnerable	2026-06-03 14:42:17.046378	Details available A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08. Published: 2020-12-01T14:56:08.000Z Updated: 2024-08-04T16:03:21.672Z Open on db.gcve.eu Reference links https://www.edimax.com/edimax/download/download/data/edimax/de/download/for_home/home_network_cameras/home_network_cameras_indoor_fixed/ic-3116w	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-8072`	not_vulnerable	2026-06-03 14:39:08.296604	Details available An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VALUE_HERE HTTP request: if the VALUE_HERE length is more than 0x400 (1024), it is possible to overwrite other values located on the stack due to an incorrect use of the strcpy() function. Published: 2018-04-26T15:00:00.000Z Updated: 2024-08-05T06:46:12.262Z Open on db.gcve.eu Reference links https://gitlab.com/nemux/CVE-2018-8072/blob/master/nemux_codemotion_Rome18_cover.pdf https://gitlab.com/nemux/CVE-2018-8072/blob/master/CVE-2018-8072_PoC.txt https://www.nemux.org/2018/04/24/cve-2018-8072/ https://www.edimax.com/edimax/download/download/data/edimax/uk/download/for_home/home_network_cameras/home_network_cameras_indoor_fixed/ic-3140w	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.