Is there any bug bounty or any way to access raw firmware files

mohzen · 2026-03-03T23:47:20-0800

Hey there!
im mohzen, a cybersecurity researcher, and im wondering if there is any wiim bug bounty, or if there is any way to get access to Wiim firmware files to find bugs, and if there is any way to report any found bugs.

Thanks,
Mohzen

F1 Fan · 2026-03-03T23:51:49-0800

mohzen said:
Hey there!
im mohzen, a cybersecurity researcher, and im wondering if there is any wiim bug bounty, or if there is any way to get access to Wiim firmware files to find bugs, and if there is any way to report any found bugs.

Thanks,
Mohzen

What a strange first post ..

mohzen · 2026-03-03T23:58:39-0800

F1 Fan said:
What a strange first post ..

Ive been thinking about it, since my father got the Wiim ultra, it is an interesting device, and i wanna poke it without breaking it.. sorry if this sounds weird!

Wiimer · 2026-03-04T00:41:53-0800

mohzen said:
Hey there!
im mohzen, a cybersecurity researcher, and im wondering if there is any wiim bug bounty, or if there is any way to get access to Wiim firmware files to find bugs, and if there is any way to report any found bugs.

Thanks,
Mohzen

Hi
Please use the WiiM device and report any issues you encounter through the feedback section of the WiiM app. Alternatively, you can join the beta test. For now, I believe these are all the actions available to us as users.

mohzen · 2026-03-04T00:45:59-0800

Wiimer said:
Hi
Please use the WiiM device and report any issues you encounter through the feedback section of the WiiM app. Alternatively, you can join the beta test. For now, I believe these are all the actions available to us as users.

The thing is, none of them allow access to raw firmware files to statically analyze.

hgo58 · 2026-03-04T00:51:20-0800

mohzen said:
The thing is, none of them allow access to raw firmware files to statically analyze.

Of course not. The firmware is the property of LinkPlay and is not open software.

Burnside · 2026-03-04T00:52:50-0800

mohzen said:
The thing is, none of them allow access to raw firmware files to statically analyze.

I suspect that’s deliberate as there might well be proprietary code or IPR issues if their firmware was openly available to allow the kind of studies you describe.

As @Wiimer said, bugs are discovered thru use of the devices and reporting those back to WiiM via the more/feedback section in their app.

Wiimer · 2026-03-04T02:04:07-0800

Also, you could join Linkplay as an engineer. But you'll probably be dishwasher for the first year.

mohzen · 2026-03-04T02:36:30-0800

Wiimer said:
Also, you could join Linkplay as an engineer. But you'll probably be dishwasher for the first year.

I am ... wont specify my age, so that will certainly be a task under my jurisdiction...

Burnside · 2026-03-04T03:56:09-0800

15 I believe you said before editing it out?

I feel you’re chasing a unicorn here and should maybe just abandon your quest and stick to the suggested incident reporting route

QuarryHunslet · 2026-03-04T04:03:30-0800

Burnside said:
15 I believe you said before editing it out?

Yes, you are correct, well spotted.

hgo58 · 2026-03-04T04:09:46-0800

mohzen said:
The thing is, none of them allow access to raw firmware files to statically analyze.

Anyway, the firmware is not just an app. It's a specially adapted Linux system running a number of standard and sound processes. Unless you got the source code for all of it, there is nothing of interest for normal users.

Trying to decode the system will also be illegal, as I see it.

mohzen · 2026-03-04T04:14:05-0800

hgo58 said:
Anyway, the firmware is not just an app. It's a specially adapted Linux system running a number of standard and sound processes. Unless you got the source code for all of it, there is nothing of interest for normal users.

Trying to decode the system will also be illegal, as I see it.

Reverse engineering isn't illegal? Where did you get that?

Burnside said:
15 I believe you said before editing it out?

I feel you’re chasing a unicorn here and should maybe just abandon your quest and stick to the suggested incident reporting route

I feel the same, this doesn’t exactly feel like the right approach, and trying to dig deeper could cause more trouble than it’s worth.

Thanks to the community!

Burnside · 2026-03-04T04:44:58-0800

Section 7 here states: "You may not copy, modify, create a derivative work of, reverse engineer, decompile, or otherwise attempt to extract the source code of the Services or any part thereof, unless this is expressly permitted or required by law. All rights not expressly granted herein are reserved by us."

slartibartfast · 2026-03-04T04:51:53-0800

mohzen said:
Reverse engineering isn't illegal? Where did you get that?

WiiM terms and conditions include this
"You may not copy, modify, create a derivative work of, reverse engineer, decompile, or otherwise attempt to extract the source code of the Services or any part thereof, unless this is expressly permitted or required by law."

@Burnside beat me to it

Is there any bug bounty or any way to access raw firmware files

mohzen

New Member

F1 Fan

Valued Contributor

mohzen

New Member

Wiimer

Major Contributor

mohzen

New Member

hgo58

Major Contributor

Burnside

Major Contributor

Wiimer

Major Contributor

mohzen

New Member

Burnside

Major Contributor

QuarryHunslet

Major Contributor

hgo58

Major Contributor

mohzen

New Member

Burnside

Major Contributor

slartibartfast

Major Contributor

Similar threads