CVE Tools

mercurycom

Networking Infrastructurecommercial

1

Cumulative CVEs

1

Monthly snapshots

#197

Peak rank

Top products

mr8041 mr804 firmware1

Latest CVEs

The 12 most recently published vulnerabilities affecting mercurycom.

CVE-2026-31256A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://<IP>:554/stre...7.5Apr 27, 2026
CVE-2026-35903MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request...9.8Apr 27, 2026
CVE-2026-35902The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication attempts. By repeatedly sending RTSP requests with invalid authentication parame...6.2Apr 27, 2026
CVE-2026-35901A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for t...4.4Apr 27, 2026
CVE-2025-50398Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password.9.8Dec 16, 2025
CVE-2025-50401Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password.9.8Dec 16, 2025
CVE-2025-65289A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the router's m...6.1Dec 9, 2025
CVE-2025-65288A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames from LAN hosts without proper length validatio...6.5Dec 9, 2025
CVE-2023-46518Mercury A15 V1.0 20230818_1.0.3 was discovered to contain a command execution vulnerability via the component cloudDeviceTokenSuccCB.9.8Oct 25, 2023
CVE-2021-27825A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.7.5May 29, 2023
CVE-2022-31849MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request.8.8Jun 16, 2022
CVE-2012-4999Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since,...6.1Sep 19, 2012