Wyze Web View Security Issues

Good afternoon,

I just had the most disturbing thing happen on Wyze Web View. I usually just have my cameras displayed on one of my computers screens. I have them on pretty much for 8 hours a day for the time I’m at the office working. I stepped out for a couple of minutes and when I came back I realized all my cameras where gone but one. But the name on my camera was changed. What was weird was that the single camera that was left did not have CamPlus which I do in all my cameras. Come to realize the camera was not displaying my camera anymore it was someone elses camera! I was inside someone elses house! It was a ladys livingroom and the camera was for her cat I assume since the camera had a weird name to it. She did not have CamPlus so I could not see it live but I could see the motion events on the events tab! This was really disturbing! I was looking at someone elses activity on my wyze web view! I was going to screen shot it when it all of a sudden refreshed the page and Wyze Web View does not work anymore at all. It says site cant be reached. I dont know what type of security flaw or what that was all about but I feel like my cameras can be seen by other people too. This was really bad! [Mod Edit] Can someone from Wyze chime in on this?

I would report this to Security@Wyze.com

there have been other posts about this

view.wyze.com is currently under maintenance. We are working on this and will update when it’s available again. We apologize for the inconvenience. Could you please contact our Security Team directly so we can continue that investigation?



Already making news on the web.

Hey all,

This was a web caching issue and is now resolved. For about 30 minutes this afternoon, a small number of users who used a web browser to log in to their camera on view.wyze.com may have seen cameras of other users who also may have logged in through view.wyze.com during that time frame. The issue DID NOT affect the Wyze app or users that did not log in to view.wyze.com during that time period.

Once we identified the issue we shut down view.wyze.com for about an hour to investigate and fix the issue.

This experience does not reflect our commitment to users or the investments we’ve made over the last few years to enhance security. We are continuing to investigate this issue and will make efforts to ensure it doesn’t happen again. We’re also working to identify affected users.

We will let you know if there are any further updates.