PS5 Gamer Unlocks DJI Romo Flaw, Exposing Thousands of Vacuums
Technology

Written by Sarah Mitchell

Sammy Azdoufal, who leads AI strategy at a vacation rental company, recently uncovered a serious vulnerability in DJI's robot vacuum ecosystem. What started as a personal project to drive his new DJI Romo vacuum with a PS5 gamepad quickly turned into an unexpected discovery. Speaking to The Verge, Azdoufal explained that his goal was simply a better controller, not a test of DJI's security.

When his custom remote-control application connected to DJI's servers, however, the response was not limited to his own device. Roughly 7,000 DJI robot vacuums worldwide began responding to Azdoufal's commands, as if his single device credential made him an authorized controller for the whole fleet. That access let him remotely monitor and control these devices, including viewing live camera feeds and listening through their microphones, as he demonstrated with a friend.

Unprecedented Access to Smart Home Data

The extent of Azdoufal's unauthorized access was laid bare in a live demonstration. He could watch the devices map individual rooms and generate complete 2D floor plans. From each robot's IP address he could also estimate its approximate geographical location. The volume of data was staggering: within nine minutes, Azdoufal's laptop had catalogued 6,700 DJI devices across 24 countries and collected more than 100,000 messages from them.

Counting DJI Power portable power stations, which talk to the same servers, Azdoufal's reach extended to more than 10,000 devices. Because he said he had reverse-engineered DJI's protocols with the help of Claude Code, an AI coding assistant, The Verge wanted to rule out that the results were AI "hallucinations." To verify the findings, Thomas Ricker, a colleague at The Verge who had just reviewed the DJI Romo, supplied his unit's 14-digit serial number. From that single identifier, Azdoufal located the robot, confirmed it was cleaning the living room at that moment, and reported that it had 80 percent battery remaining.

DJI’s Security Lapses and Partial Fixes

Azdoufal says this level of access required no hacking of DJI's servers, no bypassing of security controls, and no brute-forcing. He states that he merely extracted the authentication token stored on his own DJI Romo, and that DJI's servers honored that one device's token for thousands of other devices' data. He demonstrated access to DJI's pre-production server as well as the live servers for the US, China, and the EU. DJI has since taken action: Azdoufal confirmed that the company restricted certain kinds of access after being informed of the vulnerabilities, and by Wednesday morning his scanner could no longer reach any robots, suggesting DJI had patched the critical flaw.

The incident nevertheless casts doubt on DJI's data security practices and raises serious questions about user privacy. That Azdoufal, with no malicious intent, gained this access so easily shows what a bad actor could have done. DJI initially claimed the issue had been resolved before public disclosure, but Azdoufal's subsequent demonstration showed otherwise. In a later statement to The Verge, DJI spokesperson Daisy Kong acknowledged a "backend permission validation issue" that could theoretically have allowed unauthorized video access, confirming that the vulnerability was not fully fixed until after independent verification.

Industry-Wide Implications for Smart Home Security

The DJI incident is not isolated; it reflects a broader security problem across the smart home industry. Similar flaws have hit other robot vacuum makers, with reports of hackers taking control of Ecovacs devices in 2024 and a 2025 flaw in Dreame's X50 Ultra that exposed live camera feeds. Transport encryption does not close this gap: TLS protects messages in transit, but if an MQTT broker lets any authenticated client subscribe to topics belonging to other devices, because it enforces no topic-level access control, then every device's messages are readable in plaintext at the application layer by anyone holding a single valid device token.
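The server-side check that was missing in the "backend permission validation issue" described above, and the MQTT topic-level access control this paragraph refers to, are the same failure seen from two sides: a device's own credential is honored for the whole fleet. The following is an added example, not code from DJI, The Verge or Azdoufal, written as a toy MQTT-style broker in Python. Everything in it is constructed for illustration: the device tokens, the `devices/<client_id>/...` topic layout, and the Mosquitto-style `devices/%c/#` ACL pattern (with `%c` standing for the client id) are assumptions, not DJI's real scheme. The point it shows is that with authentication but no topic ACL, one device token plus a `devices/#` subscription yields every device's telemetry and maps; with a per-client ACL applied at subscribe time, the same token sees only its own device.

```python
"""Added example (not DJI's, The Verge's or Azdoufal's code): a toy MQTT-style
broker showing why a single device token can expose a whole fleet.

Assumptions, all constructed for the example: devices authenticate with a
per-device token, publish under 'devices/<client_id>/...', and a Mosquitto-style
pattern rule 'devices/%c/#' (with %c replaced by the client id) is the only
thing a client should be allowed to read.
"""
from dataclasses import dataclass, field


def topic_matches(topic_filter: str, topic: str) -> bool:
    """MQTT topic-filter matching: '+' matches one level, '#' the remaining levels."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    for i, f in enumerate(f_levels):
        if f == "#":
            return i == len(f_levels) - 1      # '#' is only valid as the last level
        if i >= len(t_levels):
            return False                        # filter is longer than the topic
        if f != "+" and f != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


def filter_covered_by(allowed: str, requested: str) -> bool:
    """True if every topic matching `requested` also matches the ACL pattern `allowed`.

    This is the subscribe-time check: a wildcard filter is authorized only if it
    cannot reach topics outside the client's own prefix.
    """
    a_levels = allowed.split("/")
    r_levels = requested.split("/")
    for i, a in enumerate(a_levels):
        if a == "#":
            return True                         # allowed covers everything from here on
        if i >= len(r_levels):
            return False
        r = r_levels[i]
        if r == "#":
            return False                        # requested is broader than allowed
        if a == "+":
            continue                            # any single level is acceptable here
        if r != a:
            return False                        # '+' or a different literal: broader or mismatch
    return len(a_levels) == len(r_levels)


@dataclass
class Broker:
    enforce_topic_acl: bool
    tokens: dict = field(default_factory=dict)          # token -> client id
    subscriptions: list = field(default_factory=list)   # (client id, topic filter)
    delivered: dict = field(default_factory=dict)       # client id -> [(topic, payload)]

    def allowed_read_patterns(self, client_id: str) -> list:
        """The per-client ACL, i.e. the assumed 'devices/%c/#' rule with %c substituted."""
        return [f"devices/{client_id}/#"]

    def subscribe(self, token: str, topic_filter: str) -> bool:
        client_id = self.tokens.get(token)
        if client_id is None:
            return False                        # unauthenticated
        if self.enforce_topic_acl and not any(
            filter_covered_by(p, topic_filter)
            for p in self.allowed_read_patterns(client_id)
        ):
            return False                        # authenticated, but not authorized for this filter
        self.subscriptions.append((client_id, topic_filter))
        return True

    def publish(self, topic: str, payload: str) -> None:
        """Deliver once to every client holding at least one matching subscription."""
        recipients = {cid for cid, f in self.subscriptions if topic_matches(f, topic)}
        for cid in recipients:
            self.delivered.setdefault(cid, []).append((topic, payload))


def demo(enforce_topic_acl: bool) -> dict:
    """Three constructed devices; the client holds only romo-001's own token."""
    broker = Broker(
        enforce_topic_acl=enforce_topic_acl,
        tokens={"tok-001": "romo-001", "tok-002": "romo-002", "tok-003": "romo-003"},
    )
    wildcard_ok = broker.subscribe("tok-001", "devices/#")          # the fleet-wide grab
    own_ok = broker.subscribe("tok-001", "devices/romo-001/#")      # the legitimate use
    for dev in ("romo-001", "romo-002", "romo-003"):               # constructed telemetry
        broker.publish(f"devices/{dev}/telemetry", '{"battery": 80, "room": "living"}')
        broker.publish(f"devices/{dev}/map", "2d-floorplan-blob")
    seen = broker.delivered.get("romo-001", [])
    return {
        "wildcard_subscription_accepted": wildcard_ok,
        "own_subscription_accepted": own_ok,
        "messages_seen": len(seen),
        "devices_seen": sorted({t.split("/")[1] for t, _ in seen}),
    }


if __name__ == "__main__":
    print("no topic ACL:  ", demo(False))
    print("with topic ACL:", demo(True))
```

Running `demo(False)` reports six messages from all three devices; `demo(True)` rejects the `devices/#` subscription and leaves the same token with two messages from `romo-001` only. The check lives in `filter_covered_by`, applied when the subscription is requested rather than per message, which is why a `+` or `#` anywhere outside the client's own prefix is refused up front: authorization has to be decided on what a filter could match, not on what happens to be published later.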

Security researcher Kevin Finisterre echoed Azdoufal's concerns, noting that storing data on US-based servers does not by itself prevent DJI employees in other regions from accessing it. Azdoufal asserts that further vulnerabilities remain even after DJI's patches, including the ability to view a Romo's video stream without its security PIN. Although he has been criticized for not following responsible disclosure timelines strictly, Azdoufal said his primary motivation was to see the issues fixed, not financial gain. He was dissatisfied with DJI's communication, but noted that his original goal was met: he can now control his Romo with a PlayStation or Xbox gamepad.

About the Author

Sarah Mitchell, Senior Technology Editor with 10+ years of experience covering emerging technologies, AI, and digital innovation.