PatchSiren cyber security CVE debrief
CVE-2026-51602 Tenda CVE debrief
A stack-based buffer overflow vulnerability exists in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91). An unauthenticated remote attacker can cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL field in the first SETUP request. This issue allows an attacker to supply a crafted URL that can trigger a stack buffer overflow, leading to a denial of service. Network administrators and security teams should be aware of the vulnerability's impact on network accessibility and take immediate action to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance, ensuring that all necessary precautions are taken to prevent exploitation.
- Vendor
- Tenda
- Product
- CP3 V3.0 (firmware V31.1.9.91)
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-09
- Original CVE updated
- 2026-07-10
- Advisory published
- 2026-07-09
- Advisory updated
- 2026-07-10
Who should care
Network administrators and security teams responsible for managing and securing Tenda CP3 V3.0 devices should be aware of this vulnerability and take immediate action to mitigate the risk. They should review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
Technical summary
The vulnerability is caused by a lack of validation in the RTSP service's second-stage URL routing parser of Tenda CP3 V3.0 (firmware V31.1.9.91). Specifically, the parser fails to check the length of the URL field in the first SETUP request, allowing an attacker to supply a crafted URL that can trigger a stack buffer overflow, leading to a denial of service via a crafted SETUP request. This oversight in URL validation enables attackers to bypass security checks and exploit the vulnerability. To address this issue, defenders should focus on enhancing URL validation and monitoring network traffic for suspicious RTSP requests.
Defensive priority
High
Recommended defensive actions
- Apply the vendor's official patch or firmware update to fix the vulnerability.
- Implement network segmentation to limit the attack surface.
- Monitor network traffic for suspicious RTSP requests.
- Conduct regular vulnerability scans and penetration testing to identify potential weaknesses.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-07-09T17:16:59.930Z and last modified on 2026-07-10T17:41:47.303Z. The NVD entry is currently Deferred. Evidence is limited to CVE and NVD details. Defenders should verify affected product deployments and review official advisories.
Official resources
-
CVE-2026-51602 CVE record
CVE.org
-
CVE-2026-51602 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-09T17:16:59.930Z and has not been modified since then. The NVD entry is currently Deferred.