Your data. Your choice.

If you select «Essential cookies only», we’ll use cookies and similar technologies to collect information about your device and how you use our website. We need this information to allow you to log in securely and use basic functions such as the shopping cart.

By accepting all cookies, you’re allowing us to use this data to show you personalised offers, improve our website, and display targeted adverts on our website and on other websites or apps. Some data may also be shared with third parties and advertising partners as part of this process.

Legal noticePrivacy notice
Shutterstock
News + Trends
42

Recordings from baby cameras freely accessible

David Lee
12/5/2026
Translation: machine translated

At least 1.1 million surveillance cameras were unprotected on the network. The technical details are hair-raising.

Cameras that are connected to the internet should be well protected against hacker attacks. But they often aren't. Frenchman Sammy Azdoufal has now gone public with a particularly blatant case involving baby cams. He was the one who accidentally discovered a huge security hole in DJI hoover robots at the beginning of 2026. According to its documentation, 1.1 million devices in 118 countries were accessible from the outside. In other words, the images taken by these cameras could be viewed by anyone.

Which cameras were affected

The cameras affected were baby cameras and other surveillance cameras that use technology from the Chinese manufacturer Meari. Meari is a white label manufacturer. This means that there are countless brands that stick their own logo on the devices, but all use the same platform from Meari.

According to The Verge, Azdoufal says that most of the vulnerabilities he described have since been fixed. However, these were so serious that a stale feeling remains. To find out whether your own device is affected, Azdoufal recommends checking the host name in the app. If this is «apis.meari.com.cn» or «mqtts*.meari.com.cn», it is an affected device. Our range includes an indoor- and an indoor-. and an outdoor network camera from the Meari brand. I have asked internally to check whether these need to be removed from the range.

The cameras are distributed all over the world, many of them in Europe.
The cameras are distributed all over the world, many of them in Europe.
Source: Sammy Azdoufal

Not a security gap, but a security crater

The fact that the devices used highly insecure default passwords such as «admin» was not the biggest problem. More serious was that the cameras were sending the information via the MQTT protocol to anyone who subscribed to it. This was not tied to a specific device. An authentication key was also stored in the Android app, which could be easily read. It provided access to all devices.

According to Azdoufal, Meari has not only fixed the bugs in the meantime, but also paid him a reward of 24,000 euros. However, the company was initially uncooperative. At first, his tips were ignored. Then he discovered that an internal server had exposed the unprotected email addresses and telephone numbers of all 678 employees. According to The Verge, Meari only reacted to this finding - apparently with a threat. What remains is the impression of an unprofessional company with a lack of security awareness.

Header image: Shutterstock

4 people like this article

User Avatar
User Avatar
David Lee
Senior Editor
David.Lee@digitecgalaxus.ch

My interest in IT and writing landed me in tech journalism early on (2000). I want to know how we can use technology without being used. Outside of the office, I’m a keen musician who makes up for lacking talent with excessive enthusiasm.

News + Trends

From the latest iPhone to the return of 80s fashion. The editorial team will help you make sense of it all.

Show all

These articles might also interest you

  • News + Trends

    Insta and co: Meta AI analyses images for age verification

    by Florian Bodoky

  • News + Trends

    Coffee machines: The secret stars of Milan Design Week

    by Pia Seidel

  • News + Trends

    Sony AI: Table tennis robot Ace beats human professionals

    by Kim Muntinga

2 comments

Avatar
later