Lucene search
K

37 matches found

EUVD
EUVD
added 5 days ago5 views

EUVD-2026-42642

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

6AI score0.00433EPSS
Exploits0References2
NVD
NVD
added 5 days ago8 views

CVE-2026-51598

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

6.5CVSS0.00177EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

9.1CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-51599

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding...

0.00433EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago29 views

CVE-2026-51598

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line...

0.00177EPSS
Exploits0References1
CVE
CVE
added 5 days ago9 views

CVE-2026-51597

CVE-2026-51597 affects the Mercury MIPC252W IP camera, version 1.0.5 Build 230306 Rel.79931n. The issue is that RTSP Digest authentication does not expire nonces, enabling an adjacent network attacker to capture a legitimate authentication exchange and replay the nonce and response in a new conne...

9.1CVSS6AI score0.00372EPSS
Exploits0References1
CVE
CVE
added 5 days ago12 views

CVE-2026-51599

CVE-2026-51599 affects MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n. The issue is an insufficient input validation in the RTSP service where an RTSP request with a Content-Length header but no body causes the RTSP parser to enter a body-waiting state, leading to the connection being silently c...

9.8CVSS6AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/28 6:35 p.m.8 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

7.5CVSS5.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/28 6:35 p.m.6 views

CVE-2026-35902

The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication...

6.2CVSS5.3AI score0.00178EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/28 1:22 a.m.7 views

CVE-2026-35901

A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connectio...

4.4CVSS5.3AI score0.00247EPSS
Exploits1References1
NVD
NVD
added 2026/04/27 7:16 p.m.8 views

CVE-2026-35903

MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP requests within the sa...

9.8CVSS0.00487EPSS
Exploits1References1
NVD
NVD
added 2026/04/27 7:16 p.m.7 views

CVE-2026-35902

The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication...

6.2CVSS0.00178EPSS
Exploits1References1
NVD
NVD
added 2026/04/27 7:16 p.m.4 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

7.5CVSS0.00407EPSS
Exploits1References1
NVD
NVD
added 2026/04/27 7:16 p.m.8 views

CVE-2026-35901

A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connectio...

4.4CVSS0.00247EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 12:0 a.m.6 views

CVE-2026-35903

MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP requests within the sa...

5.3AI score0.00487EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.11 views

Mercury MIPC252W 安全漏洞

The Mercury MIPC252W is a high-definition network monitoring camera from the China Mercury company, capable of wireless connectivity. The version MERCURY MIPC252W 1.0.5 Build 230306 contains a security vulnerability. This vulnerability stems from issues with RTSP service processing during...

6.2CVSS5.8AI score0.00178EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.35 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

0.00407EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/27 12:0 a.m.9 views

EUVD-2026-25902

A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connectio...

4.4CVSS5.2AI score0.00247EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.37 views

CVE-2026-35902

The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication...

0.00178EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.3 views

PT-2026-35510

Name of the Vulnerable Software and Affected Versions MERCURY IP camera MIPC252W version 1.0.5 Build 230306 Description The RTSP service has an issue handling failed Digest authentication attempts. An unauthenticated attacker can repeatedly send RTSP requests with invalid authentication parameter...

6.2CVSS5.8AI score0.00178EPSS
Exploits1References6
Rows per page
Query Builder