PT-2026-58866 · Tp Link · Kasa Ec70 V4+1

·

CVE-2026-13230

·

Published

2026-07-15

·

Updated

2026-07-17

CVSS v4.0

5.3

Medium

VectorAV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions TP-Link Kasa EC70 v4 TP-Link Kasa EC71 v4
Description An information disclosure issue exists in the local discovery mechanism. This flaw allows an unauthenticated attacker on the same local network to retrieve sensitive geolocation information by sending crafted responses. The issue affects confidentiality without impacting integrity or availability.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-13230

Affected Products

Kasa Ec70 V4
Kasa Ec71 V4