Information disclosure in Tp-link Systems Inc. Kasa Ec70 V4
CVE-2026-13230
An information disclosure vulnerability was identified in TP-Link Kasa EC70 v4 and EC71 v4 in the local discovery mechanism, which exposes sensitive geolocation information without requiring authentication. This issue allows an attacker on…
Vulnerability class: Information Disclosure
Affected products
- Tp-link Systems Inc. Kasa Ec70 V4 — versions 0
- Tp-link Systems Inc. Kasa Ec71 V4 — versions 0
Weakness classification (CWE)
References
- f23511db-6c3e-4e32-a477-6aa17d310630 (patch)
- f23511db-6c3e-4e32-a477-6aa17d310630 (patch)
- f23511db-6c3e-4e32-a477-6aa17d310630 (patch)
- f23511db-6c3e-4e32-a477-6aa17d310630 (patch)
- f23511db-6c3e-4e32-a477-6aa17d310630 (vendor-advisory)