TX_368884· Engineering
TP-Link Kasa camera leaked home GPS via unauthenticated UDP for six years
A UDP listener in TP‑Link’s Kasa EC71 indoor camera exposed precise GPS coordinates without authentication for six years, earning CVE‑2025‑12345 and prompting a firmware fix that disables the endpoint.