Hacker News·4 min read·hard

TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years

B
BadChemical
TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years
AI Summary

Security researchers have disclosed multiple vulnerabilities in TP-Link Kasa Spot EC71 cameras, including unauthenticated GPS data exposure that persisted for years. The vendor has released a firmware patch to address these issues, which also included insecure credential storage and cryptographic failures.

Author: Christopher Childress (BadChemical) Status: Patched, CVE-2026-9770 (RSA/IAM) and CVE-2026-13230 (GPS) remediated in 2.4.1.

Continue reading on Headlinne

Create a free account to read the full article.

Read full article →
technologyscience

Get the full story

Sign up for Headlinne to unlock AI insights, political bias analysis, and your personalized news feed.

Create free account

Already have an account? Sign in