Meari Shut Down IoT Platform After 1.1 Million Cameras Were Remotely Exposed Across 118 Countries
Updated
Updated · The Verge · May 11
Meari Shut Down IoT Platform After 1.1 Million Cameras Were Remotely Exposed Across 118 Countries
1 articles · Updated · The Verge · May 11
Summary
1.1 million Meari-made Wi-Fi cameras were remotely accessible across 118 countries until March 10, when the company cut off researcher Sammy Azdoufal’s access and closed the main hole.
Azdoufal said a single key extracted from Meari’s Android app, plus default passwords such as “admin” and “public,” let him view device data, user emails, rough locations and tens of thousands of photos.
Meari acknowledged unauthorized interception risks on its EMQX IoT platform and a potential remote-code-execution issue, saying it shut the platform, changed credentials and told customers to update firmware below version 3.0.0.
The company still has not said how many brands or users were affected, whether vendors warned customers, or whether the flaws were exploited; Azdoufal says brands shared servers and passwords, allowing cross-brand access.
Meari sells white-label cameras under hundreds of names, with links to brands including Wyze, Intelbras and Petcube; Azdoufal received a €24,000 bug bounty on May 7, while Rep. Ro Khanna said he would look into the case.
A single key unlocked millions of cameras. What ticking time bombs are hidden inside other smart home devices?
A manufacturer patched a huge camera flaw but didn't warn users. Who is truly accountable when smart tech fails?
After a massive baby monitor hack, are Wi-Fi-free devices the only truly safe option for protecting our families?
Over 10,000 Meari IoT Cameras Hacked in 2026: What Happened, Who’s at Risk, and How to Stay Safe
Overview
In early 2026, security researcher Sammy Azdoufal discovered a major vulnerability in Meari Technology's IoT cameras by using a custom script to scan for devices with open ports and weak authentication. This flaw allowed attackers to easily guess or bypass passwords, giving them unauthorized access to thousands of cameras worldwide. As a result, sensitive user data, including live feeds and personal activities, was exposed. The breach highlighted the dangers of weak security settings in smart devices and prompted Meari to release urgent firmware updates and advise users to change default passwords to protect their privacy.