Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sun, 12 Jul 2026 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection |
Fri, 10 Jul 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 10 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | RTSP Parser Misbehaves on Malformed Content‑Length Header, Causing Temporary Disconnection | |
| Weaknesses | CWE-20 |
Fri, 10 Jul 2026 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mercury
Mercury mipc252w |
|
| Vendors & Products |
Mercury
Mercury mipc252w |
Thu, 09 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed request, causing all subsequent data on the connection to be silently consumed as body content until a server-side timeout closes the connection. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-10T17:28:11.928Z
Reserved: 2026-06-08T00:00:00.000Z
Link: CVE-2026-51599
Updated: 2026-07-10T17:25:49.548Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-12T13:30:04Z