TP-Link’s popular smart lightbulb and its companion mobile app were found to be carrying multiple high-severity flaws which could allow hackers to gain access to the connected Wi-Fi network.
That, in turn, could allow threat actors to access other endpoints on the network, which could give them access to sensitive data, or allow them to deploy different malware and ransomware.
This is according to cybersecurity researchers from the Italian Universita di Catania, and their peers from the University of London. As reported by BleepingComputer, the researchers from these two universities analyzed the “top-selling” TP-Link Tapo L530E and its companion app, which has approximately 10 million installations on Google Play alone.
Four vulnerabilities
In total, the researchers uncovered four vulnerabilities. The first two (severity scores 8.8 and 7.6.) could be chained to impersonate the…