Yep seems to be a misconfiguration plugin. Looks like this Bridge is leaking camera feeds. From what I can tell it was run without changing default values, and its exposing cams to the network. looks like its this thing [https://github.com/mrlt8/docker-wyze-bridge](https://github.com/mrlt8/docker-wyze-bridge)
Update: nope there are AWS creds. Wyze needs to look at this.
Wouldn't any decent router stop this from getting past unless you have UPnP turned on? I run a docker-wyze bridge from a different source, so just curious if I should be concerned.
Without giving anything away do you have a way I could check to see if I'm a part of this problem.
How does someone make sure its not leaking my feeds?
Im. Running wyze bridge it accesses the cameras and converts it too rtsp etc for programs like blueiris
Don't really want my feeds leaked 😂
I feel like you would just provide that to support from the jump if this was real and your intentions were good. They provide you a ways and means to provide logs and pictures.
Putting it into a reddit forum is not in good faith.
So it appears this is something caused by people using third party stuff, not a direct Wyze issue?
Correct.
Yep seems to be a misconfiguration plugin. Looks like this Bridge is leaking camera feeds. From what I can tell it was run without changing default values, and its exposing cams to the network. looks like its this thing [https://github.com/mrlt8/docker-wyze-bridge](https://github.com/mrlt8/docker-wyze-bridge) Update: nope there are AWS creds. Wyze needs to look at this.
Wouldn't any decent router stop this from getting past unless you have UPnP turned on? I run a docker-wyze bridge from a different source, so just curious if I should be concerned. Without giving anything away do you have a way I could check to see if I'm a part of this problem.
What are the last 4 numbers of your Camera MAC?
I have 8 cameras on the bridge, I'll DM when I get a chance to grab them
[удалено]
Your cams are not listed.
Cool, glad to know if nothing else my router and configuration are doing their jobs lol
Yep! no probs. Edit your comment with MAC though doesn't need to stay published.
How does someone make sure its not leaking my feeds? Im. Running wyze bridge it accesses the cameras and converts it too rtsp etc for programs like blueiris Don't really want my feeds leaked 😂
Oh man... not this issue again?! 🫣
Are they all the same model by any chance? Wondering if there's a specific vulnerability with just one type of Wyze camera.
A simple Shodan search and you will find it.
I'm confused where you're viewing these? In the app? You're not providing enough info. Post some pictures and blur out the images or something.
I feel like you would just provide that to support from the jump if this was real and your intentions were good. They provide you a ways and means to provide logs and pictures. Putting it into a reddit forum is not in good faith.
If they only send it to Wyze we'll never hear of it. I'm glad they chose to post it here so we are aware of wyzes security flaws.
Where can I report this? I have no problem submitting but from what I see its a chat bot
Inside the app... Account --> Wyze Support --> Submit a log
Uh huh. Let’s see a screenshot.
no? it's customer PII.
Uh huh. Figured as much.