Description
An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed request, causing all subsequent data on the connection to be silently consumed as body content until a server-side timeout closes the connection.
Published: 2026-07-09
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 12 Jul 2026 13:45:00 +0000

Type Values Removed Values Added
Title RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection

Fri, 10 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 10 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Title RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection
Weaknesses CWE-20

Fri, 10 Jul 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Mercury
Mercury mipc252w
Vendors & Products Mercury
Mercury mipc252w

Thu, 09 Jul 2026 17:15:00 +0000

Type Values Removed Values Added
Description An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed request, causing all subsequent data on the connection to be silently consumed as body content until a server-side timeout closes the connection.
References

Subscriptions

Mercury Mipc252w
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-10T17:28:11.928Z

Reserved: 2026-06-08T00:00:00.000Z

Link: CVE-2026-51599

cve-icon Vulnrichment

Updated: 2026-07-10T17:25:49.548Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-12T13:30:04Z

Weaknesses