PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-51602 Tenda CVE debrief

A stack-based buffer overflow vulnerability exists in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91). An unauthenticated remote attacker can cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL field in the first SETUP request. This issue allows an attacker to supply a crafted URL that can trigger a stack buffer overflow, leading to a denial of service. Network administrators and security teams should be aware of the vulnerability's impact on network accessibility and take immediate action to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance, ensuring that all necessary precautions are taken to prevent exploitation.

Vendor
Tenda
Product
CP3 V3.0 (firmware V31.1.9.91)
CVSS
HIGH 7.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-09
Original CVE updated
2026-07-10
Advisory published
2026-07-09
Advisory updated
2026-07-10

Who should care

Network administrators and security teams responsible for managing and securing Tenda CP3 V3.0 devices should be aware of this vulnerability and take immediate action to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.

Technical summary

The vulnerability is caused by a lack of validation in the RTSP service's second-stage URL routing parser of Tenda CP3 V3.0 (firmware V31.1.9.91). Specifically, the parser fails to check the length of the URL field in the first SETUP request, allowing an attacker to supply a crafted URL that can trigger a stack buffer overflow, leading to a denial of service via a crafted SETUP request. This oversight in URL validation enables attackers to bypass security checks and exploit the vulnerability. To address this issue, defenders should focus on enhancing URL validation and monitoring network traffic for suspicious RTSP requests.

Defensive priority

High

Recommended defensive actions

  • Apply the vendor's official patch or firmware update to fix the vulnerability.
  • Implement network segmentation to limit the attack surface.
  • Monitor network traffic for suspicious RTSP requests.
  • Conduct regular vulnerability scans and penetration testing to identify potential weaknesses.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record was published on 2026-07-09T17:16:59.930Z and last modified on 2026-07-10T17:41:47.303Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD details. Defenders should verify affected product deployments and review official advisories.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T17:16:59.930Z and has not been modified since then. The NVD entry is currently Deferred.