Statement on Tapo L530 and Tapo App Vulnerabilities

Security Advisory
Updated 09-13-2023 03:11:13 AM 5299

Associated CVE ID

CVE-2023-38906, CVE-2023-38908, CVE-2023-38909

TP-Link is aware that researchers have disclosed a set of vulnerabilities in Tapo L530 and Tapo App.

At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available.

Affected TP-Link Products

Tapo L530(including L530B & L530E) with firmware version 1.0.x or earlier

Tapo App with version 2.17.x or earlier


TP-Link has released new firmware and app to fix the vulnerabilities. Please update your TP-Link devices and application to the latest versions to get rid of them.

Products Fixed Version Release State
Tapo L530(EU/US) V1 1.3.0 or later versions Fully released
Tapo L530(TW) V1 1.1.0 or later versions Fully released
Tapo L530(KR) V1 1.1.0 or later versions Fully released
Tapo L530(EU/US) V2 1.1.0 or later versions Fully released
Tapo L530(EU) V3 1.1.0 or later versions Fully released
Tapo App 2.18.x or later versions Fully released

How to upgrade the firmware of Tapo L530:

How to upgrade the Tapo App: Go to APP Store or Play Store, search TP-Link Tapo and tap Update.

If you want to update the new firmware/app right away, please Contact Technical Support for the beta version.


The vulnerabilities will remain if you do not take all recommended actions. TP-Link cannot bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.

Revision History

2023-08-23 Published advisory

2023-09-12 Updated Solution

Is this faq useful?

Your feedback helps improve this site.


TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.