MERCURY IP Camera MIPC252W RTSP Service Authentication Failure Handling Vulnerability Leading to Denial-of-Service
Vulnerability
A denial-of-service vulnerability has been identified in the RTSP service of the MERCURY IP camera model MIPC252W, running firmware version 1.0.5 Build 230306. The issue arises from the RTSP service's improper handling of failed Digest authentication attempts. An unauthenticated attacker can exploit this flaw by repeatedly sending RTSP requests with invalid authentication parameters. Doing so puts the RTSP service into a persistent authentication failure state, which blocks legitimate clients from authenticating. As a result, the vulnerability disrupts normal RTSP operations and access to the camera's video stream, leading to a denial-of-service condition.
Impact
Exploitation of this vulnerability causes a denial-of-service condition on the RTSP service, preventing legitimate clients from authenticating and accessing the video stream. This disruption can persist until the device is restarted.
Reproduction
The vulnerability can be reproduced by sending a sequence of RTSP requests that include intentionally invalid Digest authentication parameters. After the RTSP service processes these invalid attempts, it will enter a lockout state that rejects subsequent legitimate authentication requests, causing a denial-of-service condition.
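Detection logic for the condition described above, added here as an example and not taken from the vendor or the original advisory: it scans RTSP request records for a burst of 401 responses to a source that never authenticated, followed by repeated 401s to a client that had authenticated before. The record format ("time source method status"), the thresholds and the addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records, e.g. from an RTSP-aware proxy in front of the camera.
SAMPLE_LOG = """
2024-05-01T10:00:00 10.0.0.20 DESCRIBE 401
2024-05-01T10:00:01 10.0.0.20 DESCRIBE 200
2024-05-01T10:05:00 10.0.0.99 DESCRIBE 401
2024-05-01T10:05:01 10.0.0.99 DESCRIBE 401
2024-05-01T10:05:02 10.0.0.99 DESCRIBE 401
2024-05-01T10:05:03 10.0.0.99 DESCRIBE 401
2024-05-01T10:05:04 10.0.0.99 DESCRIBE 401
2024-05-01T10:05:05 10.0.0.99 DESCRIBE 401
2024-05-01T10:06:00 10.0.0.20 DESCRIBE 401
2024-05-01T10:06:01 10.0.0.20 DESCRIBE 401
2024-05-01T10:06:02 10.0.0.20 DESCRIBE 401
"""

def detect_rtsp_auth_lockout(log_text, burst=5, lockout_fails=3,
                             window=timedelta(seconds=60)):
    """Return (alert, source, time) tuples for failure bursts and likely lockouts."""
    fails = defaultdict(deque)  # source -> times of 401s since its last 200
    known_good, flagged, alerts = set(), set(), []
    burst_seen = False
    for line in log_text.strip().splitlines():
        ts_s, src, _method, status = line.split()
        ts = datetime.fromisoformat(ts_s)
        if status == "200":
            # A normal Digest handshake is one 401 challenge, then success.
            known_good.add(src)
            fails[src].clear()
            continue
        if status != "401":
            continue
        q = fails[src]
        q.append(ts)
        while ts - q[0] > window:  # keep only failures inside the window
            q.popleft()
        if src not in known_good and len(q) >= burst and src not in flagged:
            alerts.append(("auth_failure_burst", src, ts_s))
            flagged.add(src)
            burst_seen = True
        elif (src in known_good and burst_seen and len(q) >= lockout_fails
              and ("lockout", src) not in flagged):
            # A previously working client now fails repeatedly after a burst.
            alerts.append(("possible_rtsp_lockout", src, ts_s))
            flagged.add(("lockout", src))
    return alerts
```

A lockout alert with no configuration or credential change on the client side is the signal that the device may need the restart mentioned under Impact.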
