DJI Romo Robovac Exposed: Security Flaw Allowed Remote Access to Thousands

Sammy Azdoufal insists he wasn’t out to hack every robot vacuum out there. He just wanted to control his brand-new DJI Romo vacuum using a PS5 gamepad because it sounded like fun. However, when his DIY remote control app started interacting with DJI’s servers, it wasn’t just one vacuum responding—around 7,000 of them globally began treating Azdoufal like their boss.

He could remotely control these vacuums and even peek through their live camera feeds. Azdoufal shared with me how he tested this with a friend, watching the vacuums map out rooms and generate complete 2D floor plans. Using any robot’s IP address allowed him to pinpoint a rough location. “I found my device was just one in an ocean of devices,” he said.

On Tuesday, I watched firsthand as Azdoufal demonstrated his access. It was unbelievable. Hundreds, then thousands of robots were communicating, each sending MQTT data packets every three seconds with their serial number, the rooms they were cleaning, what they observed, how far they traveled, when they were returning to their chargers, and the obstacles they encountered. In just nine minutes, Azdoufal’s laptop had cataloged 6,700 DJI devices from 24 countries, amassing over 100,000 messages. Including DJI Power portable power stations, the total exceeded 10,000 devices.

Azdoufal explained that he was able to control the robovacs and access live video over the internet. To understand just how extensive this was, I asked my colleague Thomas Ricker, who had just reviewed the DJI Romo, to provide the robot’s serial number. With just that 14-digit number, Azdoufal identified our robot and noted it was currently cleaning the living room, still holding 80% battery. Within minutes, he watched the robot generate an accurate floor plan of Thomas’s house, all just by entering some digits on a laptop in another country.

Here are two maps of Thomas’ home: the top shows what we accessed from DJI’s servers without authentication, and the bottom reflects what the owner sees on their phone. Screenshots by The Verge

In another instance, Azdoufal accessed his own DJI Romo’s live video feed without needing its security PIN. He waved to the camera while I watched. He later shared a limited read-only version of his app with Gonzague Dambricourt, CTO of an IT consulting firm in France, who confirmed it allowed him to watch his own device’s camera before even pairing it.

Azdoufal stated he didn’t hack into DJI’s servers. “I didn’t infringe any rules; I didn’t bypass, I didn’t crack, brute force, or anything,” he claimed. He merely extracted his own DJI Romo’s private token, which allowed access to his data, and inadvertently to others’. He also demonstrated access to DJI’s pre-production server and the live servers for the US, China, and the EU.

The good news is that by Tuesday, Azdoufal was unable to take our DJI Romo for a spin or access its camera or microphone. DJI had already shut down that method of access after both Azdoufal and I alerted them about the vulnerabilities. By Wednesday morning, his scanner lost access to all robots, including his own, indicating DJI had closed the significant loophole.

However, this incident casts a spotlight on DJI’s security and data handling practices. It may fuel existing concerns that have led to the company being largely pushed out of the US market. If Azdoufal could find these devices so easily, how can the company ensure protection against malicious intent? If an AI tool can create an app to view someone’s home, what prevents a DJI employee from misusing that capability? And why does a vacuum cleaner need a microphone? “It’s so weird to have a microphone on a freaking vacuum,” Azdoufal remarked.

When Azdoufal and The Verge reached out to DJI about the issue, the company claimed the vulnerability was already fixed, when in reality, it was only partially resolved. “DJI can confirm the issue was resolved last week and remediation was already underway prior to public disclosure,” read part of the statement from DJI spokesperson Daisy Kong. This was received just after Azdoufal showed me thousands of robots, including our review unit.

It’s no surprise a robot vacuum with a smartphone app connects to the cloud; users expect their devices to function outside their homes. Unless users set up a direct connection to their home network, data goes through cloud servers first. However, individuals expect their camera data to be secure both in transit and once it reaches the server. Security experts should understand this, yet once Azdoufal accessed DJI’s MQTT servers, everything appeared in cleartext. If DJI has only closed one door to their servers, it may not be enough to protect against hackers exploiting others.

DJI isn’t alone in facing security questions. In 2024, hackers took control of Ecovacs robot vacuums to chase pets and shout offensive remarks. In 2025, South Korean agencies reported that a flaw in Dreame’s X50 Ultra might allow hackers to access its camera feed, with similar issues in other models. Conversely, brands like Samsung and LG received commendations for security.

When it comes to smart home tech, I’m still wary of Wyze cameras due to past issues, and while Anker’s Eufy has improved transparency, that company has had its own transparency problems. However, Anker’s recent openness is a positive step.

DJI has not been exceptionally transparent about what occurred, but it has answered many questions. In a new statement to The Verge, the company acknowledged “a backend permission validation issue” that theoretically could have allowed unauthorized access to live video from its vacuums, admitting it didn’t completely fix the issue until after confirmation of ongoing vulnerabilities.

Here’s that full statement: DJI identified a vulnerability affecting DJI Home through internal review in late January and initiated remediation immediately. The issue was addressed through two updates, with an initial patch deployed on February 8 and a follow-up on February 10. The fix was automatic, requiring no user action. The vulnerability was due to a backend permission validation issue affecting MQTT communications. While unauthorized access to live video was theoretically possible, actual occurrences were rare and mostly linked to independent researchers testing their own devices. The first patch wasn’t applied universally, while the second re-enabled remaining service nodes. This has been fully resolved, with no broader impact.

Azdoufal indicates DJI hasn’t resolved all vulnerabilities he discovered. One allows access to the DJI Romo video stream without a security PIN, and another issue is so severe he isn’t disclosing it until DJI has time to address it. DJI did not offer immediate promises to fix these.

Both Azdoufal and security researcher Kevin Finisterre argue that merely encrypting data on a US server isn’t enough if insiders can still easily access it. “A server being based in the US does not prevent .cn DJI employees from access,” Finisterre stated. Azdoufal, who is based in Barcelona, demonstrated this by accessing devices from entirely different regions.

Azdoufal explained, “Once you’re an authenticated client on the MQTT broker, if there are no proper topic-level access controls (ACLs), you can subscribe to wildcard topics (e.g., #) and see all messages from all devices in plaintext at the application layer. TLS only protects the pipe, not the contents from other authorized participants.”
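The mechanism in that quote, as an added example that is not DJI's code or any broker's: a small Python model of MQTT topic-filter matching and of a per-client topic ACL evaluated at delivery time (the way Mosquitto-style pattern ACLs behave), using constructed device topics and placeholder serials. Without an ACL, one authenticated client's `#` subscription receives every device's telemetry; with a per-client pattern such as `devices/%c/#`, the same subscription yields only that client's own device.

```python
# Added example (not DJI's or any broker's code): models MQTT topic-filter
# matching and a per-client topic ACL enforced at message delivery time.
# Device topics and serials below are constructed placeholders.

def topic_matches(topic_filter: str, topic: str) -> bool:
    """MQTT 3.1.1 wildcard matching: '+' matches exactly one level,
    '#' (only as the last level) matches that level and everything below it."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1
        if i >= len(t_levels) or (level != "+" and level != t_levels[i]):
            return False
    return len(f_levels) == len(t_levels)


def deliverable(acl, client_id: str, subscription: str, topic: str) -> bool:
    """Would the broker deliver a message on `topic` to this client?
    acl=None models a broker with no topic-level ACLs: any authenticated
    client receives every message its subscription matches. Otherwise the
    topic must also match one of the client's allowed read patterns, with
    '%c' expanded to the client id (Mosquitto-style pattern syntax)."""
    if not topic_matches(subscription, topic):
        return False
    if acl is None:
        return True
    patterns = (p.replace("%c", client_id) for p in acl.get(client_id, []))
    return any(topic_matches(p, topic) for p in patterns)


def visible_topics(acl, client_id: str, subscription: str, messages) -> list:
    """Distinct topics a client would actually receive for a subscription."""
    return sorted({m["topic"] for m in messages
                   if deliverable(acl, client_id, subscription, m["topic"])})


# Constructed telemetry, one session per device, client id = device serial.
TELEMETRY = [
    {"topic": "devices/SN-0001/status", "payload": '{"room": "living room", "battery": 80}'},
    {"topic": "devices/SN-0001/map", "payload": '{"rooms": 4}'},
    {"topic": "devices/SN-0002/status", "payload": '{"room": "kitchen", "battery": 55}'},
]

# Corrected setting: each device session may only read its own subtree.
PER_DEVICE_ACL = {"SN-0001": ["devices/%c/#"], "SN-0002": ["devices/%c/#"]}

if __name__ == "__main__":
    print("no ACL, '#':", visible_topics(None, "SN-0001", "#", TELEMETRY))
    print("per-device ACL, '#':", visible_topics(PER_DEVICE_ACL, "SN-0001", "#", TELEMETRY))
```

A real broker still has to be configured to deny anything not matched by a pattern; TLS on the connection changes none of the results above.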

When I mentioned that some might criticize Azdoufal for not allowing DJI more time to resolve these issues before going public, he explained that he wasn’t hacking, didn’t expose sensitive information, and isn’t a security professional. He was merely tweeting about his experience while attempting to control his vacuum with a PS5 gamepad.

“Yes, I don’t follow the rules, but people participate in bug bounty programs for money. I just want this fixed,” he stated. “Following the rules would likely keep this breach open for much longer.”

Azdoufal isn’t convinced that DJI truly discovered these glitches on its own back in January. He expressed frustration over the company’s robotic responses on X compared to his unanswered emails.

But he’s pleased with one outcome: he can indeed control his Romo using a PlayStation or Xbox gamepad.
