PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-51600 Tenda CVE debrief

The Tenda CP3 V3.0 firmware V31.1.9.91 is vulnerable to a denial-of-service condition due to improper handling of RTSP requests. Specifically, the device does not validate the Content-Length header field in RTSP requests, including DESCRIBE, SETUP, and PLAY methods. When a request with a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting state, causing the affected TCP connection to become permanently non-functional. This results in a TCP resource leak. Network administrators and security teams should be aware of this vulnerability and take necessary precautions to prevent exploitation.

Vendor
Tenda
Product
CP3 V3.0
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Network administrators and security teams responsible for managing Tenda CP3 V3.0 devices should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes verifying and applying vendor patches, implementing network monitoring, and restricting access to the affected device.

Technical summary

The CVE-2026-51600 vulnerability is caused by the lack of validation of the Content-Length header field in RTSP requests. This allows an unauthenticated remote attacker to cause a denial-of-service condition by sending a specially crafted request. The device fails to actively close the connection, resulting in a TCP resource leak. Affected product context indicates Tenda CP3 V3.0 firmware V31.1.9.91 is vulnerable.

Defensive priority

High

Recommended defensive actions

  • Verify and apply vendor patches or updates to address the vulnerability.
  • Implement network monitoring to detect and respond to potential exploitation attempts.
  • Restrict access to the affected device to only trusted networks and users.
  • Consider implementing additional security controls, such as firewalls or intrusion detection systems, to detect and prevent exploitation.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record was published on 2026-07-09T17:16:59.693Z and was last modified on 2026-07-10T17:41:47.303Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD information. Defenders should verify affected product deployments and review official advisories for scope and guidance.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T17:16:59.693Z and has not been modified since then. The NVD entry is currently Deferred.