TP-Link Kasa Cameras Leaked Home GPS via Unauthenticated UDP for Six Years
TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years
I discovered that TP-Link Kasa Spot EC71 cameras exposed precise home GPS coordinates and user credentials through unauthenticated UDP packets for six years. My analysis also revealed fleet-wide hardcoded RSA keys and unsalted MD5 password storage, enabling cross-domain account takeovers. After a challenging disclosure process involving a bricked test device, TP-Link patched these critical flaws in firmware 2.4.1.
"This advisory documents a pattern of targeted, incremental remediation rather than a comprehensive architectural security review."