Description
A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connection, leading to a denial-of-service condition.
Published: 2026-04-27
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Mitigate
AI Analysis

Impact

The vulnerability arises from a session handling flaw in the RTSP service of the Mercury MIPC252W camera. An attacker who has authenticated to the device can send a series of SETUP requests targeting the same media track within a single RTSP session. The server misprocesses this pattern, resetting the RTSP connection. This results in a denial‑of‑service condition that can interrupt live video streams or voice services. The weakness is categorized as uncontrolled resource consumption (CWE‑400).

Affected Systems

The flaw is present only in the Mercury MIPC252W camera model 1.0.5 Build 230306 Rel.79931n. No other product or version information is available from the CNA.

Risk and Exploitability

The CVSS score of 4.4 indicates a low‑moderate impact. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited evidence of exploitation. The attack requires valid authentication to the RTSP service and the ability to send repeated SETUP requests; once the pattern is detected, the server will restart the session, creating a DoS. Because no patch is currently available, the risk remains present until a firmware update is released.

Generated by OpenCVE AI on April 28, 2026 at 13:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Configure network devices or firewall rules to rate‑limit SETUP requests per authenticated RTSP session, rejecting excess requests before they reach the camera.
  • Implement or enable high‑availability or load‑balancing for RTSP streams so that traffic can be redirected to a healthy instance if one device becomes unresponsive.
  • Establish monitoring and alerting on RTSP traffic to detect spikes in SETUP request frequency, and trigger automated session resets or temporary bans for offending clients.
  • Contact the manufacturer or check the product’s support portal regularly for a firmware update that corrects the RTSP session handling flaw.

Generated by OpenCVE AI on April 28, 2026 at 13:17 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Mercurycom
Mercurycom mipc252w
Mercurycom mipc252w Firmware
CPEs cpe:2.3:h:mercurycom:mipc252w:-:*:*:*:*:*:*:*
cpe:2.3:o:mercurycom:mipc252w_firmware:1.0.5:build_230306:*:*:*:*:*:*
Vendors & Products Mercurycom
Mercurycom mipc252w
Mercurycom mipc252w Firmware

Tue, 28 Apr 2026 13:45:00 +0000

Type Values Removed Values Added
Title Repeated RTSP SETUP Request Causing Session Termination in Mercury MIPC252W

Tue, 28 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Mercury
Mercury mipc252w
Vendors & Products Mercury
Mercury mipc252w

Mon, 27 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-400
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 27 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
Description A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connection, leading to a denial-of-service condition.
References

Subscriptions

Mercury Mipc252w
Mercurycom Mipc252w Mipc252w Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-27T19:40:03.681Z

Reserved: 2026-04-06T00:00:00.000Z

Link: CVE-2026-35901

cve-icon Vulnrichment

Updated: 2026-04-27T19:39:49.731Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-27T19:16:47.583

Modified: 2026-05-05T13:41:20.147

Link: CVE-2026-35901

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T13:30:32Z

Weaknesses