Search
Search Menu

Statement on Tapo L530 and Tapo App Vulnerabilities

Security Advisory
Updated 08-24-2023 15:52:20 PM 8311

Associated CVE ID

CVE-2023-38906, CVE-2023-38908, CVE-2023-38909

 

TP-Link is aware that researchers have disclosed a set of vulnerabilities in Tapo L530 and Tapo App.

At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available.

 

Affected TP-Link Products

Tapo L530(including L530B & L530E) with firmware version 1.0.x or earlier

Tapo App with version 2.17.x or earlier

 

Solution

TP-Link has released new firmware and a new version of the Tapo App to fix the vulnerabilities. Please update your TP-Link devices and application to the latest version to address these concerns.

Products

Fixed Version

Release State

Tapo L530(US) V2

1.1.0 or later versions

Fully released

Tapo L530(US) V3

1.1.0 or later versions

Releasing

Tapo App

2.18.x or later versions

Releasing

How to upgrade the firmware of Tapo L530: https://www.tp-link.com/support/faq/2621/

How to upgrade the Tapo App: Go to the APP Store or the Play Store, search TP-Link Tapo, and tap Update.

If you want to update the new firmware/app immediately, please Contact Technical Support for the beta version.

Revision History

2023-08-23 Published advisory

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

Basic Cookies

These cookies are necessary for the website to function and cannot be deactivated in your systems.

TP-Link

accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Livechat

__livechat, __lc2_cid, __lc2_cst, __lc_cid, __lc_cst, CASID

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Analysis and Marketing Cookies

Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.

The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au

Facebook

_fbp

Crazy Egg

cebsp_, _ce.s, _ce.clock_data, _ce.clock_event, cebs

Hotjar

OptanonConsent, _sctr, _cs_s, _hjFirstSeen, _hjAbsoluteSessionInProgress, _hjSessionUser_14, _fbp, ajs_anonymous_id, _hjSessionUser_<hotjar-id>, _uetsid, _schn, _uetvid, NEXT_LOCALE, _hjSession_14, _hjid, _cs_c, _scid, _hjAbsoluteSessionInProgress, _cs_id, _gcl_au, _ga, _gid, _hjIncludedInPageviewSample, _hjSession_<hotjar-id>, _hjIncludedInSessionSample_<hotjar-id>

Linkedin

lidc, AnalyticsSyncHistory, UserMatchHistory, bcookie, li_sugr, ln_or