Statement on Tapo L530 and Tapo App Vulnerabilities
TP-Link is aware of reports regarding CVE-2023-38906, CVE-2023-38908, and CVE-2023-38909. User security is our top priority, and to rectify the vulnerabilities, TP-Link has released the new firmware for the affected devices and new version of the Tapo/Kasa app.
Solution
Please update your Tapo/Kasa devices and app to the latest version to ensure optimal security.
How to upgrade the firmware for Tapo/Kasa devices:
https://www.tp-link.com/support/faq/2621/
https://www.tp-link.com/support/faq/1256/
How to upgrade the Tapo/Kasa app: Go to the App Store or Play Store, search for TP-Link Tapo or Kasa, and click Update.
Disclaimer
The vulnerabilities will remain if you do not take all the recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.
Revision History
2023-08-23 Published Advisory
2023-09-12 Updated Solution
2024-09-10 Updated Solution
Is this faq useful?
Your feedback helps improve this site.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.