| TP-Link Kasa cameras leaked home GPS via unauthenticated UDP for 6 years(github.com) | |
| 233 points by BadChemical 1 day ago | 87 comments | |
tl;dr: TP-Link Kasa Spot EC71 cameras exposed precise home GPS coordinates, hardware IDs, and device metadata via a single unauthenticated UDP packet to port 9999 — a flaw in TP-Link's Smart Home Protocol publicly documented since 2016 and specifically identified on Kasa cameras in 2020. The firmware also contained fleet-wide RSA keys and stored TP-Link ID credentials as unsalted MD5 hashes, enabling cross-domain account takeover across Tapo, Deco, and VIGI products, with residual data on factory-reset devices creating a secondhand-market attack path. TP-Link patched the issues in firmware 2.4.1 after six months of coordinated disclosure. | |
HN Discussion:
| |