TP-Link Kasa cameras exposed home GPS data without authentication for 6 years
A security researcher disclosed a vulnerability in TP-Link's Kasa EC71 smart cameras that leaked users' home GPS coordinates over an unauthenticated UDP channel. The flaw allowed anyone on the same network to retrieve precise location data without any login or credentials. The vulnerability reportedly went unaddressed for approximately six years before being publicly disclosed. Details of the finding were published on GitHub as part of an IoT vulnerability research project. The case highlights ongoing concerns about weak security practices in consumer smart home devices.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in