Statement on Tapo L530 and Tapo App Vulnerabilities
Associated CVE ID
CVE-2023-38906, CVE-2023-38908, CVE-2023-38909
TP-Link is aware that researchers have disclosed a set of vulnerabilities in Tapo L530 and Tapo App.
At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available.
Affected TP-Link Products
Tapo L530(including L530B & L530E) with firmware version 1.0.x or earlier
Tapo App with version 2.17.x or earlier
Solution
TP-Link has released new firmware and app to fix the vulnerabilities. Please update your TP-Link devices and application to the latest versions to get rid of them.
Products |
Fixed Version |
Release State |
Tapo L530(EU/US) V1 |
1.3.0 or later versions |
Fully released |
Tapo L530(TW) V1 |
1.1.0 or later versions |
Fully released |
Tapo L530(KR) V1 |
1.1.0 or later versions |
Fully released |
Tapo L530(EU/US) V2 |
1.1.0 or later versions |
Fully released |
Tapo L530(EU) V3 |
1.1.0 or later versions |
Fully released |
Tapo App |
2.18.x or later versions |
Fully released |
How to upgrade the firmware of Tapo L530: https://www.tp-link.com/support/faq/2621/
How to upgrade the Tapo App: Go to APP Store or Play Store, search TP-Link Tapo and tap Update.
If you want to update the new firmware/app right away, please Contact Technical Support for the beta version.
Disclaimer
The vulnerabilities will remain if you do not take all recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.
Revision History
2023-08-23 Published advisory
2023-09-12 Updated Solution
Is this faq useful?
Your feedback helps improve this site.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.