
TP-Link has issued a security advisory for its KP303 smart plug, warning that unauthenticated protocol commands can be sent to the device by an attacker on the same network, potentially causing unintended power shutdowns and information leakage.
The flaw, tracked as CVE-2025-8627, affects hardware version 2.0 of the KP303 smart plug running firmware earlier than version 1.1.0. According to TP-Link's bulletin, an attacker on the same network can exploit the vulnerability without authentication or user interaction. The issue carries a CVSS v4.0 base score of 8.7 (High).
The vulnerability was publicly disclosed in a security advisory updated on August 25, 2025. While TP-Link has not disclosed who discovered the issue or the technical mechanism behind the attack, the company confirmed that it involves “unauthenticated protocol commands” that can directly manipulate the device’s state, such as cutting power to connected appliances, and possibly leak sensitive operational data.
The KP303 is a three-outlet smart plug that connects via Wi-Fi and supports integration with Amazon Alexa and Google Assistant. It is one of TP-Link’s most widely distributed IoT products in the consumer space, especially in North America. Marketed for remote power control, energy monitoring, and scheduling, the device is often used in homes and small offices for automating lighting, appliances, and other electronics.
The flaw's attack vector is listed as adjacent (AV:A), meaning the attacker must already have a foothold on the same local network segment as the plug, for example through a compromised Wi-Fi password or another compromised device on that LAN; no authentication or special privileges are required. Because exploitation also needs no user interaction, any malicious or compromised host that can reach the plug can cut power to whatever is connected to it. This makes the vulnerability a significant risk on shared or poorly secured networks such as guest Wi-Fi, shared office networks, or home networks with an already compromised device. Placing smart plugs and other IoT devices on a separate VLAN or guest network that cannot reach the main LAN reduces which hosts can reach the device, but it does not remove the exposure; only the firmware update does.
Firmware version 1.1.0 and later include a fix, and TP-Link is urging all users to update their KP303 devices immediately. After updating, confirm that the device reports firmware version 1.1.0 or newer; a device still reporting an earlier version remains exposed. The company noted that failure to apply the patch leaves the device vulnerable and disclaims responsibility for incidents resulting from unpatched units.