{"id":14369,"date":"2026-07-17T10:03:45","date_gmt":"2026-07-17T10:03:45","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/17\/multiple-tp-link-cameras-vulnerability-allows-hackers-to-launch-mitm-attacks\/"},"modified":"2026-07-17T10:03:45","modified_gmt":"2026-07-17T10:03:45","slug":"multiple-tp-link-cameras-vulnerability-allows-hackers-to-launch-mitm-attacks","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/17\/multiple-tp-link-cameras-vulnerability-allows-hackers-to-launch-mitm-attacks\/","title":{"rendered":"Multiple TP-Link Cameras Vulnerability Allows Hackers to Launch MitM Attacks"},"content":{"rendered":"<p>    Multiple TP-Link Cameras Vulnerability Allows Hackers to Launch MitM Attacks<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p class=\"wp-block-paragraph\">TP-Link has released security updates for two vulnerabilities in its Kasa EC70 v4 and EC71 v4 smart cameras. These flaws, tracked as CVE-2026-9770 and CVE-2026-13230, could allow an attacker on the same local network to obtain<a href=\"https:\/\/cybersecuritynews.com\/hackers-target-tp-link-routers\/\" target=\"_blank\" rel=\"noreferrer noopener\"> sensitive information from vulnerable devices<\/a>.<\/p>\n<p class=\"wp-block-paragraph\">The most serious issue, CVE-2026-9770, is a <a href=\"https:\/\/cybersecuritynews.com\/fake-ledger-hardware-wallets\/\" target=\"_blank\" rel=\"noreferrer noopener\">hardware cryptographic<\/a> key information disclosure vulnerability with a CVSS score of 8.6 (High). TP-Link has indicated that a hardcoded cryptographic key is embedded within the camera\u2019s system image.<\/p>\n<p class=\"wp-block-paragraph\">An attacker with access to the local network could exploit this exposed key to compromise the confidentiality of communications between the camera and its web management interface.<\/p>\n<p class=\"wp-block-paragraph\">Successful exploitation could facilitate man-in-the-middle attacks, enabling the attacker to intercept traffic or obtain administrative credentials.<\/p>\n<h2 id=\"h-tp-link-cameras-vulnerability\" class=\"wp-block-heading\"><strong>TP-Link Cameras Vulnerability<\/strong><\/h2>\n<p class=\"wp-block-paragraph\">A <a href=\"https:\/\/cybersecuritynews.com\/blurtooth-bluetooth-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">man-in-the-middle attack<\/a> occurs when a threat actor secretly positions themselves between a device and a service or management interface.<\/p>\n<p class=\"wp-block-paragraph\">For example, an attacker on a shared Wi-Fi network, a compromised home router, or a poorly segmented office network could potentially observe or manipulate communications involving the affected camera.<\/p>\n<p class=\"wp-block-paragraph\">The second flaw, CVE-2026-13230, impacts the cameras\u2019 local discovery response mechanism. This vulnerability has received a CVSS score of 5.3, rated as Medium.<\/p>\n<p class=\"wp-block-paragraph\">According to TP-Link, the discovery service can expose sensitive, <a href=\"https:\/\/cybersecuritynews.com\/gaming-fraud-detection\/\" target=\"_blank\" rel=\"noreferrer noopener\">geolocation-related information<\/a> without authentication. An attacker on the same local network could send crafted discovery requests or responses to retrieve location-related data from a vulnerable camera.<\/p>\n<p class=\"wp-block-paragraph\">TP-Link stated that this issue affects confidentiality only, with no identified impact on device integrity or availability.<\/p>\n<p class=\"wp-block-paragraph\">Both vulnerabilities affect the Kasa EC70 v4 and EC71 v4 camera models. TP-Link has addressed these issues in firmware version 2.4.0 Build 20260520 and version 2.4.1 Build 20260621.<\/p>\n<p class=\"wp-block-paragraph\">Users should <a href=\"https:\/\/www.tp-link.com\/us\/support\/faq\/5192\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">update their camera firmware through TP-Link\u2019s official support portal<\/a> or the Kasa app, and ensure the Kasa mobile app is also updated to the latest version.<\/p>\n<p class=\"wp-block-paragraph\">Until updates are installed, users should reduce their exposure by placing smart cameras on a separate IoT network, using strong Wi-Fi encryption, restricting access to the local network, and ensuring routers are running the latest firmware.<\/p>\n<p class=\"wp-block-paragraph\">Network segmentation can limit an attacker\u2019s ability to reach camera management interfaces if another device on the network is compromised. TP-Link urges customers to promptly apply available fixes, warning that unpatched devices may remain vulnerable.<\/p>\n<p class=\"has-text-align-center has-background wp-block-paragraph\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 87%,rgb(169,184,195) 100%)\"><strong>\u00a0Strengthen Your SOC by Accelerating Threat Detection &amp; Rapid Investigations.\u00a0-&gt;\u00a0<a href=\"https:\/\/any.run\/enterprise\/?utm_source=csn&amp;utm_medium=links&amp;utm_campaign=sandbox&amp;utm_content=enterprise&amp;utm_term=0626#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener\">Integrate ANY.RUN With Your SOC\u00a0<\/a><strong><a href=\"https:\/\/any.run\/enterprise\/?utm_source=csn&amp;utm_medium=links&amp;utm_campaign=sandbox&amp;utm_content=enterprise&amp;utm_term=0626#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener\">Now<\/a><\/strong>.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/tp-link-cameras-vulnerability\/\">Multiple TP-Link Cameras Vulnerability Allows Hackers to Launch MitM Attacks<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Abinaya<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/tp-link-cameras-vulnerability\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multiple TP-Link Cameras Vulnerability Allows Hackers to Launch MitM Attacks TP-Link has released security updates for two vulnerabilities in its Kasa EC70 v4 and EC71 v4 smart cameras. These flaws, tracked as CVE-2026-9770 and CVE-2026-13230, could allow an attacker on the same local network to obtain sensitive information from vulnerable devices. The most serious issue, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,648],"tags":[130],"class_list":["post-14369","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14369"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14369"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14369\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14369"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14369"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14369"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}