CRITICAL
MERCURY
CVE published 2026-07-09
CVE-2026-51597
The MERCURY MIPC252W IP camera, version 1.0.5 Build 230306 Rel.79931n, is vulnerable to an authentication bypass attack. The camera's RTSP Digest authentication mechanism does not implement nonce expiration, which allows an adjacent network attacker to capture a legitimate authentication exchange and replay the nonce and response values in a new connection. This enables the attacker to bypass authenticati [truncated]