Replies: 1 comment 1 reply
-
|
Based on what I've read, the ha-wyzeapi custom integration itself is NOT impacted by the security vulnerability being addressed by HAC 2021.1.3 and 2021.1.5. So if you installed ha-wyzeapi manually, you should be okay. However, if you used HACS for the install of ha-wyzeapi, you WOULD be vulnerable - but only because HACS was vulnerable to the attach. Agree? |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
That sounds about right. I have not been informed of any issues with this integration directly |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello! Just wanted to post this here also for visibility:
https://www.home-assistant.io/blog/2021/01/22/security-disclosure/
I'm assuming from the blog post that our Wyze credentials were Exposed. Not a bad time to change your password, especially without 2FA enabled.
EDIT: This is only if your HomeAssistant server was exposed to the web. If you don't have Nabu casa or firewall rules exposing it - you're probably OK.
Beta Was this translation helpful? Give feedback.
All reactions