CVE-2026-9770
Affected products: TP-Link Kasa EC70 v4 and EC71 v4 firmware. Issue: a static cryptographic private key is stored in a read-only filesystem shared across devices, allowing extraction from the firmware image. Impact: an unauthenticated attacker on the same network could use the embedded key in the...