Wyze Cam v3 exceeds 60,000 DNS lookups per day

I recently setup an internal PiHole DNS server and have found that my Wyze Cam v3 is attempting about 60,000 DNS lookups per day. Most of these are to non-existent hosts/domains. There are four domains which have almost equal lookups, about 17,000 per day. They are:

wyze-general-api.wyzecam.comv1
wyze-general-api.wyzecam.comv1.alext.local
wyze-general-api.wyzecam.comv1.#
wyze-general-api.wyzecam.comv1.wlan0

I have power cycled the camera which fixes the issue for about 12 hours but then it’s back at it again. Does this look familiar to anyone?

Leftover dead code used during development and alpha testing stages? Sloppy programming? Given the kind of bugs I see, I’m not surprised.

+1

Seeing the same on my end, over 61k requests to each one of those domains.

Yikes! C’mon Wyze, get your act together!

Hmm, well needless to say I’m not buying any more Wyze 3 cameras until they get this fixed. I really like the low light performance of this camera but if each one is going to generate this many DNS requests to bogus domains I don’t want them on my network.

Because why? The performance impact is likely negligible and there is not yet an indication of a security vulnerability, just apparently very careless coding…

60,000 look ups a day per camera is not chicken feed, it’s significant traffic. And what other careless issues might there be?

So glad I’m down to just 1 non-critical V2 and no further Wyze products in my future.

same here:
|Domain|Hits|
|—|—|—|
|wyze-general-api.wyzecam.comv1|68053||
|wyze-general-api.wyzecam.comv1.local|67630||
|wyze-general-api.wyzecam.comv1.#|67381||
|wyze-general-api.wyzecam.comv1.wlan0|67132||

|Client|Requests|
|—|—|—|
|WyzeCam.local|157776||
|WyzeCam.local|114541||

You guys are lucky. My Wyze v3 cam is hiting about 200,000 DNS request per day.

Screen Shot 2021-01-30 at 5.18.30 PM952×250 15 KB

all to the same domains:
wyze-general-api.wyzecam.comv1
wyze-general-api.wyzecam.comv1.#
wyze-general-api.wyzecam.comv1.localdomain
wyze-general-api.wyzecam.comv1.wlan0

Any ideas for a fix? @UserCustomerGwen @CaptainMark

Also a pi-hole user. My two v2 cams are the top users on my network. They also have hard coded DNS addresses in use so you aren’t seeing everything. I’m blocking port 53 for all devices on my network except the pi-hole. Also 853 for DNS over TLS.

We’re going to need a stateful inspection OUTBOUND firewall if they go to DNS over HTTPS.

I disagree - This is a significant security issue. All those holes allow return traffic through the firewall.

I need to block outbound 53 on my network, too and just force everything through my dual pihole setup. Currently logging 36k requests on a single v3. WTF?

I ended up adding an entry for some of the bogus domains on my Pi-hole. Just did a lookup of what the IP address should be for wyze-general-api.wyzecam.com and added a DNS entry on the Pi-hole for wyze-general-api.wyzecam.comv1. That seemed to calm things down.

I’m hoping somebody from Wyze is listening in and a bug is already submitted for this.

Another Pi-Hole user here. I also block DNS (53 & 853) for everything but the Pi-Hole:

Everything was normal until the latest Cam v3 firmware update, then I noticed my 24 hour activity started to spike up noticeably:

This is just not good…

Rebooting the camera does seem to cause this activity to drop off for a bit however.

I searched that first URL and it appears that this has happened before: https://www.reddit.com/r/wyzecam/comments/cmoibt/wyzedatacollectapiwyzecamcom/ew3tb4i/

I wonder if it’s something similar?

Nice find but wow that thread turned out to be a waste, huh. It went off on nothing tangents.

Screenshot 2021-02-06 0131561006×814 60.3 KB

So - after rebooting the v3 camera running firmware 4.36.0.248 last night the issue seemed to go away only to return at just before 0800 as you can see by the orange uptick above.

These lookups rapidly ramp up and dwarf the rest of my DNS lookup traffic.