TP-Link Kasa Cameras Leaked Home GPS via Unauthenticated UDP for Six Years

TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years

8BadChemical💬 1

I discovered that TP-Link Kasa Spot EC71 cameras exposed precise home GPS coordinates and user credentials through unauthenticated UDP packets for six years. My analysis also revealed fleet-wide hardcoded RSA keys and unsalted MD5 password storage, enabling cross-domain account takeovers. After a challenging disclosure process involving a bricked test device, TP-Link patched these critical flaws in firmware 2.4.1.

"This advisory documents a pattern of targeted, incremental remediation rather than a comprehensive architectural security review."

More from this day · 2026-07-18