Wyze base station broadcasting an open SSID - how to turn it off?

Cameras
1

My Wyze base station is set up and working just fine.

However, I see that the setup SSID “wyze_bind_xxxxxxxxxxxx” is still broadcasting and open.
This concerns me because it is an open SSID that presumably could be used to hack into my network.

This is an SSID that is used during intiial setup. Like I said, I am set up, but somehow this didn’t get turned back off by the device firmware. I have tried restarting the base station and that made no difference.

How do I turn this off?

1 Like
2

This is currently in the road map.

1 Like
3

Glad to hear that - it’s not just hiding the network - it is also fixing the fact it is an open network with no security at all - this is really a bad thing!

4

Is yours broadcasting as Open? Mine is secured and prompts for a password to join.

5

Screen Shot 2020-11-29 at 9.59.26 PM
Screen Shot 2020-11-29 at 9.59.26 PM604×1036 81.7 KB

Yep as you can see.

Did a quick portscan which shows the following ports open
53/tcp open domain
2601/tcp open zebra
8888/tcp open sun-answerbook
9050/tcp open tor-socks
9090/tcp open zeus-admin

So any random person on the street can connect to my Wyze base station and start hacking. This is quite disturbing and even more so that I cannot figure out how to turn this network off. You’ll also see the two secured networks. I have figured out those are the actual networks used by the base station to communicate with my WCO - the “bind” network seems to be only needed for initial setup, which is why it is really bad it sticks around even after setup is complete. This is a pretty serious security bug, and you should escalate it to your engineering team.

2 Likes
6

@msilverman Hello, we’re looking into this issue. Could you provide some additional info for me?

  1. What is the status light of the base station when it’s broadcasting two SSID’s?
  2. Were you trying to pair any WCO with the base station at that moment? The wyze_bind_xxxx SSID is for setup purposes and it should be hidden when the base station is not in pairing mode (status light will flash blue and yellow).
  3. If your base station is not in pairing mode and it still broadcasts wyze_bind_xxx SSID, please send me a base station log with either of the following methods.
  • a. make sure the base station is connected in the app, submit an app log and select base station as the device
  • b. use a microSD card, insert it into the base station, wait for 10 seconds, and use a PC to send me the log file on the SD card with the name “log_xxxxx”.
1 Like
7

Hi,

  1. Status light is solid blue and the base station is seemingly operating normally
  2. When this issue started, I was not trying to pair a WCO. I was trying to re-pair the base station itself - ended up that an ethernet cable came unplugged so I aborted the re-pairing attempt halfway through, and with the cable plugged in everything returned to normal - except for that open SSID which never went away.
  3. Submitted - Log ID 76306
2 Likes
8

Thank you very much! Will look into the log!

1 Like
9

I have this same problem. What is the solution?

10

Haven’t heard of one yet. Wyze folks, any update on this?

11

Thanks, …don’t feel I can use it until this is resolved. I put in a request to Wyze. We’ll see.

best
Greg

12

Hmm, this troubleshooting guide makes mention of the unsecure network. If I were you I would delete everything WCO related from your app, look for a reset button on the base, and start over.

Base Station Troubleshooting

Base Station Setup Guide