PatchSiren cyber security CVE debrief
CVE-2026-51600 Tenda CVE debrief
The Tenda CP3 V3.0 firmware V31.1.9.91 is vulnerable to a denial-of-service condition due to improper handling of RTSP requests. Specifically, the device does not validate the Content-Length header field in RTSP requests, including DESCRIBE, SETUP, and PLAY methods. When a request with a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting state, causing the affected TCP connection to become permanently non-functional. This results in a TCP resource leak. Network administrators and security teams should be aware of this vulnerability and take necessary precautions to prevent exploitation.
- Vendor
- Tenda
- Product
- CP3 V3.0
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Network administrators and security teams responsible for managing Tenda CP3 V3.0 devices should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes verifying and applying vendor patches, implementing network monitoring, and restricting access to the affected device.
Technical summary
The CVE-2026-51600 vulnerability is caused by the lack of validation of the Content-Length header field in RTSP requests. This allows an unauthenticated remote attacker to cause a denial-of-service condition by sending a specially crafted request. The device fails to actively close the connection, resulting in a TCP resource leak. Affected product context indicates Tenda CP3 V3.0 firmware V31.1.9.91 is vulnerable.
Defensive priority
High
Recommended defensive actions
- Verify and apply vendor patches or updates to address the vulnerability.
- Implement network monitoring to detect and respond to potential exploitation attempts.
- Restrict access to the affected device to only trusted networks and users.
- Consider implementing additional security controls, such as firewalls or intrusion detection systems, to detect and prevent exploitation.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-09T17:16:59.693Z and was last modified on 2026-07-10T17:41:47.303Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD information. Defenders should verify affected product deployments and review official advisories for scope and guidance.
Official resources
-
CVE-2026-51600 CVE record
CVE.org
-
CVE-2026-51600 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T17:16:59.693Z and has not been modified since then. The NVD entry is currently Deferred.