Vulnerability Disclosure Policy

This policy outlines how to report any vulnerabilities you may find within Wi-Fi enabled products. We encourage you to read through this policy carefully before making a report, and to ensure your submission aligns with its guidelines. We do not provide financial compensation or payment in kind for reporting vulnerabilities.  

Support

For further information on the support of all updateable components, go to: TuyaOS Development Framework

Reporting a Vulnerability Please complete the PDF request form and submit to Customer Services to report a vulnerability. To help us review and respond efficiently, please include the following details in your submission:

Date discovered – When you first identified the issue Location – What part of the product it relates to Steps to reproduce – A clear description or example of how the issue can be triggered We appreciate your help in keeping our platform safe.

What Next?

We will respond to you within 7 days of receiving your vulnerability report to acknowledge receipt. You may be contacted again if we require further details from you regarding the vulnerability or your report. After receiving a vulnerability report, we will investigate and publish a warning on the Dunelm website if necessary. If at any time a fix is found, we will withdraw all relevant published warnings.