|
Hello Ulanzi Team and Community,
I’d like to kindly ask for a quick confirmation regarding a security report I sent to Ulanzi about 3 week ago (at service@ulanzi.com) and 2 weeks ago (at chenxudong@ulanzi.cn). So far, I haven’t received any reply or confirmation that my message was received or forwarded to the responsible IT security team.
For context (without any technical details): The report concerns local security issues as well as the communication security and how credentials in the software are handled. I have not shared any exploit details publicly — my goal is a responsible and coordinated disclosure.
It would be helpful if you could confirm: That my initial email has been received, and That it has been forwarded to your IT Security or responsible engineering team (or let me know who I should contact directly).
Please let me know as soon as possible whether your team intends to engage on this report. I am offering a standard 90-day disclosure window, which expires on 29 December 2025. If I do not receive any acknowledgment or indication that the issues will be handled by that date, I will assume you are not interested in coordinated remediation and will proceed with a public disclosure.
To be clear: I prefer to work with your security team confidentially and provide any technical details required to reproduce and fix the issues. If you are not planning to address this, please say so explicitly — that will allow me to inform the community accordingly. If anyone from the official support or IT security team is reading this, please reply here or contact me directly at kontakt (at) foto-video-it.de
Thank you for your time and attention — I appreciate your cooperation in ensuring product security.
| 
English
简体中文
繁體中文
한국 사람
日本語
Deutsch
русский
بالعربية
TÜRKÇE
português
คนไทย
french
发表于 2025-10-22 14:33:30
