Cheap smart doorbell allows fleet-wide account takeover and call hijacking
A security researcher discovered critical vulnerabilities in a cheap smart doorbell sold on Temu, branded as 'Smart Doorbell X3' and managed via the 'X Smart Home' app, allowing for full account takeovers and call hijacking. The flaws stem from weaknesses in the Naxclow backend platform, which is used across multiple rebranded devices and apps. Attackers can redirect doorbell calls, inject fake video, and extract Wi-Fi credentials without physical access.
- The Smart Doorbell X3 connects to a backend operated by Guangzhou Qiangui IoT Technology Co., Ltd under the Naxclow brand, which powers multiple rebranded devices and apps.
- An attacker with a free account can silently transfer ownership of any doorbell to their account, redirecting all live calls and video feeds.
- The device’s debug port exposes the home Wi-Fi password, enabling full network compromise.
- The same backend infrastructure appears to support other apps like V720 and ix cam, suggesting widespread impact across different product lines.
- The researcher reported the issues to Naxclow on April 29, 2026, but received no response before publishing the findings a week later.
Opening excerpt (first ~120 words)

Anyone on the Internet Can Ring Your Doorbell
06/05/2026 10:35, 39 min read (8229 words)
#Security #IoT #Reverse Engineering #Hardware Hacking #Firmware Updates

2026-05-06. I opened a coordination case with CERT/CC’s VINCE covering the findings below. CVE assignment will go through that process.

2026-05-07. Naxclow contacted me one day after this post went live, acknowledged the report, and started their internal review process.

Naxclow’s reply, the day after publication.

Recently I bought a smart doorbell off Temu, the Chinese marketplace that has been gaining popularity worldwide over the past couple of years. I wanted to know how secure the cheap connected hardware sold on that platform actually is.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at ABGEO's Personal website.