PT-2026-58866 · Tp Link · Kasa Ec70 V4+1
CVSS v4.0
5.3
Medium
| Vector | AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
TP-Link Kasa EC70 v4
TP-Link Kasa EC71 v4
Description
An information disclosure issue exists in the local discovery mechanism. This flaw allows an unauthenticated attacker on the same local network to retrieve sensitive geolocation information by sending crafted responses. The issue affects confidentiality without impacting integrity or availability.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Kasa Ec70 V4
Kasa Ec71 V4