Jump to content

Wemo: Difference between revisions

From Consumer_Action_Taskforce
← Older editNewer edit →
VisualWikitext
Mr Pollo (talk | contribs)
593 edits
m moved categories to company category
mNo edit summary
Line 57: Line 57:
==References==
==References==
{{reflist}}
{{reflist}}
 
[[Category:Wemo]]
[[Category:Belkin]]

Revision as of 20:55, 6 March 2025

⚠️ Article status notice: This article has been marked as incomplete

This article needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues.

This notice will be removed once sufficient documentation has been added to establish the systemic nature of these issues. Once you believe the article is ready to have its notice removed, visit the discord and post to the #appeals channel.

Learn more ▼

Wemo
Basic information
Founded 2012
Type Subsidiary
Industry Smart home
Official website wemo.com (https://www.belkin.com/products/wemo-smart-home/)

Wemo is a subsidiary of Belkin founded in 2012. They are known for smart home devices such as plugs and light switches that use the HomeKit and Thread protocols.

Consumer impact summary

Screenshot of account closure screen.

Through the app, users can delete their account by pressing the "close account" button, which will warn that Wemos cannot be controlled through the app once account data is deleted. The devices can also work by only using the Apple Home app, which does not require a Wemo account to set up.

Since late 2023, the privacy policy of Belkin and Wemo have merged, sharing the same terms with each other. The data collected on users includes account information such as email and password, device information, first and third-party cookies, age, location, and IP address.[1] Belkin shares this info with marketing partners unless the user opts-out.[2] Users are allowed to make requests to access, withdraw consent, object, and delete most of the information Belkin has collected on them.[3] Belkin states they may need to hold onto information to "Defending Belkin against legal claims" or "Needing to respond to customer complaints and queries".[4]

The business model of Wemo is to sell smart home devices without the user paying for a subscription service. Although this may seem like a pro-consumer move, the Wemo experience has been diminished due to the lack of income streams. According to the App Store, the app once had a 3-year window without updates, which lasted between February 23, 2021 and May 28, 2024 (the current version as of February 24, 2025).[5]

Market control of Wemo has been decreasing over the years, as Wemo is only selling three devices[6], down from nine the year prior.[7]

Incidents

Security vulnerabilites

On November 5, 2013, Wemo updated its API to prevent future XML injection attacks.[8]

On May 16, 2023, multiple websites reported a Sternum study regarding a buffer overflow vulnerability in the Wemo Mini Smart Plug V2.[9] The study mentions the device could be exploited through a program called pyWemo[10] and potentially through cloud controls.[11] In their official response, Wemo stated "we believe that bad actors cannot exploit this vulnerability unless they have access to the user’s local network"[12] and "We discontinued the Wemo Mini Smart Plug v2 (F7C063) in 2020"[13], despite not making this information publicly available prior. During this report, the Wemo app hadn't been updated in 2 years, with the most recent update being on February 23, 2021, as previously mentioned.[5]

Connection issues

Since 2018, there have been reports of Wemo devices losing connection to networks frequently.[14] This has been the case for dimmers[15], plugs[16], and switches.[17] Device rules created through the Wemo app have also been described as unreliable.[18] In some cases, the Wemo cloud becomes offline, with users being led to 404 pages.[19]

Some users have mediated these issues by self-hosting a local server for Wemo devices, such as AutomationManager and Home Assistant.[20]

DNS activity

Some users of Wemo have noticed their switches connect to multiple unrelated domains, such as to CNN and Fastly.[21] Other reports mention each Wemo device making 160,000+ DNS requests in a 24 hour timeframe.[22][23]

Products

  • Dimmers
    • Wemo Smart Dimmer[24]
    • Wemo WiFi Smart Dimmer[25]
  • Doorbells
    • Wemo Smart Video Doorbell[26]
  • Light switches
    • Wemo Smart Light Switch with Thread[27]
    • Wemo WiFi Smart Light Switch[28]
    • Wemo Smart Light Switch 3-Way[29]
  • Plugs
    • Wemo Smart Plug with Thread[30] (release date): Short summary of the product's incidents.
    • Wemo WiFi Smart Outdoor Plug[31]
  • Scene controller
    • Wemo Scene Controller with Thread[32]


References

  1. https://web.archive.org/web/20230107062703/https://www.wemo.com/privacy-policy/#typesofinformation
  2. https://www.belkin.com/legal/privacy-policy/#marketing-anchor
  3. https://www.belkin.com/legal/privacy-policy/#your-rights-in-relation
  4. https://www.belkin.com/legal/privacy-policy/#retention-of
  5. 5.0 5.1 https://apps.apple.com/us/app/wemo/id511376996
  6. https://web.archive.org/web/20240225173134/https://www.belkin.com/products/wemo-smart-home/
  7. https://web.archive.org/web/20230201232551/https://www.belkin.com/products/wemo-smart-home/
  8. https://www.belkin.com/support-article/?articleNum=80322
  9. https://sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow/
  10. https://thehackernews.com/2023/05/serious-unpatched-vulnerability.html
  11. https://www.theverge.com/2023/5/16/23725290/wemo-smart-plug-v2-smart-home-security-vulnerability
  12. https://x.com/WEMOcares/status/1658963426230562819
  13. https://x.com/WEMOcares/status/1658963635882938374
  14. https://www.reddit.com/r/WeMo/comments/8sv90i/the_most_common_problems_and_issues_with_wemo/
  15. https://www.reddit.com/r/WeMo/comments/zwb7wr/comment/j1xqs3h/
  16. https://www.reddit.com/r/WeMo/comments/17ur9b2/comment/k97i0dp/
  17. https://www.reddit.com/r/WeMo/comments/18iidjr/comment/m6utdkq/
  18. https://www.reddit.com/r/WeMo/comments/18iidjr/comment/kdr6n38/
  19. https://www.reddit.com/r/WeMo/comments/zkd9xc/belkin_wemo_is_the_worst_the_app_is_full_of_bugs/
  20. https://www.reddit.com/r/WeMo/comments/18iidjr/comment/kf6plao/
  21. https://www.reddit.com/r/WeMo/comments/1auslst/fun_fact_wemo_switches_act_as_a_dns_server/
  22. https://www.reddit.com/r/WeMo/comments/1auslst/comment/ktxkqx8/
  23. https://www.reddit.com/r/WeMo/comments/1auslst/comment/krb0i1o/
  24. https://web.archive.org/web/20221130043724/https://www.belkin.com/smart-dimmer/P-WDS070.html
  25. https://web.archive.org/web/20221129001529/https://www.belkin.com/wifi-smart-dimmer/P-WDS060.html
  26. https://www.belkin.com/p/smart-video-doorbell/WDC010.html
  27. https://www.belkin.com/p/smart-light-switch-with-thread/WLS0503.html
  28. https://web.archive.org/web/20221130045654/https://www.belkin.com/wifi-smart-light-switch/WLS040-CA.html
  29. https://web.archive.org/web/20221129145512/https://www.belkin.com/smart-light-switch-3-way/P-WLS0403.html
  30. https://web.archive.org/web/20230910113415/https://www.belkin.com/smart-plug-with-thread/WSP100.html
  31. https://web.archive.org/web/20221201141200/https://www.belkin.com/wifi-smart-outdoor-plug/WSP090.html
  32. https://www.belkin.com/p/scene-controller-with-thread/WSC010.html
Retrieved from "https://consumerrights.wiki/index.php?title=Wemo&oldid=11342"