Vulnerability in Tp-link Systems Inc. Kasa Ec70 V4

CVE-2026-9770

Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices.  An attacker with access to the firmware image can extract the embedded key.  Successfu…

Affected products

Weakness classification (CWE)

References