← back
CVE-2026-35901

CVE-2026-35901

CVSS 4.4 MEDIUMEPSS 0.2%CWE-400
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.4EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Apr 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connection, leading to a denial-of-service condition.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected products
n/a · n/a