Description
The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication failure state, preventing legitimate clients from authenticating and leading to a denial of service.
Published:
2026-04-27
Score:
n/a
EPSS:
n/a
KEV:
No
Impact:
n/a
Action:
n/a
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
No data.
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 27 Apr 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parameters, an unauthenticated attacker can cause the RTSP service to enter a persistent authentication failure state, preventing legitimate clients from authenticating and leading to a denial of service. | |
| References |
|
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-04-27T18:35:33.091Z
Reserved: 2026-04-06T00:00:00.000Z
Link: CVE-2026-35902
Vulnrichment
No data.
NVD
Status : Awaiting Analysis
Published: 2026-04-27T19:16:51.060
Modified: 2026-04-27T19:26:32.820
Link: CVE-2026-35902
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses
No weakness.