An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed request, causing all subsequent data on the connection to be silently consumed as body content until a server-side timeout closes the connection.
History

Mon, 13 Jul 2026 08:00:00 +0000

Type Values Removed Values Added
Title RTSP Content-Length Header Exploit Causes Denial of Service on MERCURY MIPC252W Camera

Sun, 12 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Title RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection

Fri, 10 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 10 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Title RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection
Weaknesses CWE-20

Fri, 10 Jul 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Mercury
Mercury mipc252w
Vendors & Products Mercury
Mercury mipc252w

Thu, 09 Jul 2026 17:15:00 +0000

Type Values Removed Values Added
Description An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed request, causing all subsequent data on the connection to be silently consumed as body content until a server-side timeout closes the connection.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-07-09T00:00:00.000Z

Updated: 2026-07-10T17:28:11.928Z

Reserved: 2026-06-08T00:00:00.000Z

Link: CVE-2026-51599

cve-icon Vulnrichment

Updated: 2026-07-10T17:25:49.548Z

cve-icon NVD

No data.

cve-icon Redhat

No data.