Engineer awarded $30,000 after finding DJI cloud flaw that exposed 7,000 robot vacuums
Mar 7th 2026
A security researcher discovered cloud backend flaws at DJI that exposed thousands of robot vacuums and views into homes; DJI confirmed a $30,000 payment for one reported finding but has not clarified which issue was rewarded or the full patching timeline, reports The Verge.
- Researcher Sammy Azdoufal found a critical DJI cloud backend vulnerability that allowed him to access about 7,000 robot vacuum cleaners, according to The Verge.
- The vulnerability let Azdoufal glimpse into other people’s homes through the devices.
- DJI emailed Azdoufal confirming a $30,000 reward for one of his discoveries but did not specify which finding was paid.
- DJI says it had already begun fixing several backend weaknesses before Azdoufal demonstrated the scale of access.
- The company confirmed it paid an unnamed researcher, but details and timelines for broader patching remain unclear.
- Azdoufal had been experimenting to control his DJI Romo robot vacuum with a PS5 controller when he uncovered the issue.