CVE-2026-0855 is an OS Command Injection vulnerability classified under CWE-78, discovered in certain models of Merit LILIN P2 IP cameras. This vulnerability allows an authenticated remote attacker to inject arbitrary OS commands that the device executes with elevated privileges. The flaw arises from improper neutralization of special elements in user-supplied input before passing them to the underlying operating system command interpreter. The vulnerability has a CVSS 4.0 base score of 8.7, reflecting its high severity, with an attack vector of network (AV:N), low attack complexity (AC:L), no user interaction (UI:N), and requiring privileges (PR:L). The impact metrics indicate high confidentiality, integrity, and availability impacts, meaning an attacker could fully control the device, exfiltrate sensitive data, manipulate camera feeds, or disrupt device functionality. Although no public exploits are currently reported, the vulnerability's characteristics make it a prime target for attackers seeking to compromise surveillance infrastructure. The affected product, Merit LILIN P2, is used in various security and monitoring deployments, making this vulnerability particularly concerning for environments relying on these cameras for safety and operational monitoring. The lack of available patches at the time of disclosure increases the urgency for defensive measures.

For European organizations, this vulnerability poses a significant threat to physical security and operational continuity. Compromise of IP cameras can lead to unauthorized surveillance, data leakage, and potential pivot points for lateral movement within networks. Critical infrastructure, government facilities, and enterprises relying on Merit LILIN P2 cameras for security monitoring could face espionage, sabotage, or disruption of services. The ability to execute arbitrary OS commands means attackers could disable cameras, manipulate video feeds, or use the compromised devices as footholds to launch further attacks. This could undermine trust in security systems and cause regulatory compliance issues under GDPR and other data protection laws due to potential exposure of personal data captured by cameras. The high severity and ease of exploitation increase the risk profile, especially in sectors with high security demands.

1. Immediately restrict network access to Merit LILIN P2 cameras by placing them behind firewalls or network segmentation to limit exposure to trusted administrators only. 2. Enforce strong authentication mechanisms and regularly update credentials to reduce the risk of unauthorized access. 3. Monitor network traffic and device logs for unusual command execution patterns or access attempts indicative of exploitation. 4. Engage with Merit LILIN support channels to obtain and apply security patches or firmware updates as soon as they become available. 5. If patches are delayed, consider temporary mitigations such as disabling remote management interfaces or using VPNs for secure access. 6. Conduct regular security assessments and penetration tests focusing on IP camera infrastructure to identify and remediate vulnerabilities proactively. 7. Implement intrusion detection/prevention systems (IDS/IPS) tuned to detect command injection attempts targeting these devices. 8. Maintain an inventory of all deployed Merit LILIN P2 cameras to prioritize patching and monitoring efforts effectively.