| TVN ID | TVN-202501004 |
|---|---|
| CVE ID | CVE-2026-0855 |
| CVSS | 8.8 (High) CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | IP Camera P2/ P3/ Z7/ P6/ V1/ IPD/ IPR/ LD/ LR seires models |
| Description | Certain IP Camera models developed by Merit LILIN has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the device. |
| Solution | The IPD/IPR/LD/LR models are no longer supported and replacement is recommended. For the remaining affected models, please refer to the official advisory(M00176) to update the firmware. |
| Credit | Li-Fan Cheng, Chih-Che Chang, Yu-Chieh Kuo, Shi-Yi Xie, Yuan-Chieh Chang, An-Wei Kung(NICS) |
| Public Date | 2026-01-12 |
:::