Hacker News·4 min read·hard
TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years
B
BadChemical✦AI Summary
Security researchers have disclosed multiple vulnerabilities in TP-Link Kasa Spot EC71 cameras, including unauthenticated GPS data exposure that persisted for years. The vendor has released a firmware patch to address these issues, which also included insecure credential storage and cryptographic failures.
Author: Christopher Childress (BadChemical) Status: Patched, CVE-2026-9770 (RSA/IAM) and CVE-2026-13230 (GPS) remediated in 2.4.1.
technologyscience
✦
Get the full story
Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.
Create free accountAlready have an account? Sign in