Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Top 10 Identity Threat Detection and Response (ITDR) Solutions for 2026
July 17, 2026
GPT-5.6 Codex Bug Deletes Files From Home Directories
July 17, 2026
Critical TP-Link Tapo Camera Vulnerability Lets Attackers Hijack Devices
July 17, 2026
Home/CyberSecurity News/Critical TP-Link Tapo Camera Vulnerability Lets Attackers Hijack Devices
CyberSecurity News

Critical TP-Link Tapo Camera Vulnerability Lets Attackers Hijack Devices

Key Takeaways TP-Link has issued urgent security updates for two vulnerabilities affecting its Kasa EC70 v4 and EC71 v4 smart cameras. The most severe flaw, CVE-2026-9770, carries a CVSS score of 8.6...

David kimber
David kimber
July 17, 2026 3 Min Read
2 0

Key Takeaways

  • TP-Link has issued urgent security updates for two vulnerabilities affecting its Kasa EC70 v4 and EC71 v4 smart cameras.
  • The most severe flaw, CVE-2026-9770, carries a CVSS score of 8.6 (High) and could allow local network attackers to steal a hardcoded cryptographic key.
  • Successful exploitation of CVE-2026-9770 enables man-in-the-middle attacks, potentially leading to the interception of administrative credentials and camera communications.
  • A second vulnerability, CVE-2026-13230, exposes sensitive geolocation data via the camera’s local discovery service.
  • Users must update their camera firmware to versions 2.4.0 Build 20260520 or 2.4.1 Build 20260621 immediately.

Critical Flaws Expose TP-Link Kasa Cameras to Local Network Hijack

TP-Link has released crucial security updates to address two significant vulnerabilities discovered in its Kasa EC70 v4 and EC71 v4 smart camera models. These flaws, identified as CVE-2026-9770 and CVE-2026-13230, could enable threat actors operating within the same local network to compromise device confidentiality and extract sensitive data.

Table Of Content

  • Key Takeaways
  • Critical Flaws Expose TP-Link Kasa Cameras to Local Network Hijack
  • High-Severity Cryptographic Key Disclosure (CVE-2026-9770)
  • Medium-Severity Geolocation Data Exposure (CVE-2026-13230)
  • What You Should Do

High-Severity Cryptographic Key Disclosure (CVE-2026-9770)

The more critical of the two issues, CVE-2026-9770, is categorized as a hardware cryptographic key information disclosure vulnerability, earning a high CVSS score of 8.6. According to TP-Link, this vulnerability stems from a hardcoded cryptographic key that is embedded directly within the camera’s system image.

An attacker who has gained access to the local network could leverage this exposed key to undermine the confidentiality of communications between the camera and its web-based management interface. This exploitation pathway creates a significant risk for man-in-the-middle (MitM) attacks, allowing an adversary to intercept network traffic and potentially steal administrative credentials for the device.

A man-in-the-middle attack occurs when a malicious actor secretly positions themselves between two communicating parties, intercepting and potentially altering their exchanges. For instance, an attacker on an unsecure shared Wi-Fi network, a compromised home router, or an inadequately segmented corporate network could covertly monitor or manipulate data flows involving a vulnerable Kasa camera.

Medium-Severity Geolocation Data Exposure (CVE-2026-13230)

The second vulnerability, CVE-2026-13230, affects the cameras’ local discovery response mechanism and has been assigned a CVSS score of 5.3, classifying it as a medium-severity issue. TP-Link explains that this discovery service can unauthentically expose sensitive geolocation information.

An attacker present on the local network could send specially crafted discovery requests or responses to retrieve location-related data from an unpatched camera. TP-Link has confirmed that this flaw primarily impacts confidentiality and does not pose a direct threat to the integrity or availability of the device.

Both vulnerabilities specifically target the Kasa EC70 v4 and EC71 v4 camera models. TP-Link has provided remediations in firmware version 2.4.0 Build 20260520 and version 2.4.1 Build 20260621.

What You Should Do

  • Immediately update your TP-Link Kasa EC70 v4 and EC71 v4 camera firmware to version 2.4.0 Build 20260520 or 2.4.1 Build 20260621. You can update their camera firmware through TP-Link’s official support portal or via the Kasa mobile application.
  • Ensure your Kasa mobile app is also updated to its latest available version.
  • Until updates are applied, enhance your network security by placing smart cameras on a dedicated IoT network segment.
  • Utilize strong Wi-Fi encryption protocols and restrict unnecessary access to your local network.
  • Verify that your home or office router is running the most current firmware to mitigate other potential network-level vulnerabilities.
  • Implement network segmentation where possible to limit an attacker’s ability to reach camera management interfaces, even if another device on the network is compromised.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackCVEExploitPatchSecurityThreatVulnerability

Share Article

David kimber

David kimber

David is a penetration tester turned security journalist with expertise in mobile security, IoT vulnerabilities, and exploit development. As an OSCP-certified security professional, David brings hands-on technical experience to his reporting on vulnerabilities and security research. His articles often feature detailed technical analysis of exploits and provide actionable defense recommendations. David maintains an active presence in the security research community and has contributed to multiple open-source security tools.

Previous Post

CISA Warns of Critical Fortinet FortiSandbox OS Injection Flaws Exploited in Attacks

Next Post

GPT-5.6 Codex Bug Deletes Files From Home Directories

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
7-Zip Critical Vulnerability Exposes Millions to Remote Code Execution
July 17, 2026
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing 27,000 Staff Password Resets
July 17, 2026
AnyDesk Critical 0-Day Vulnerability Lets Attackers Trigger DoS
July 16, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Emy Elsamnoudy
Emy Elsamnoudy
Jennifer sherman
Jennifer sherman
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us