Insta360 ONE X2: default WiFi password and telnet root access?


  • 2022-1-28 – Additional details.
  • 2022-1-31 – Added link to YouTube video discussion.

Over on REDDIT I found a troubling post about the 360 camera I am currently reviewing:

Doing a bit of searching led me to more information elsewhere in a forum post from 3/6/2021:

How can a popular consumer product have a hard-coded WiFi password that gives access to all your photos and videos? Even worse, how can it have a non-encrypted telnet server (which even Windows and macOS have removed) that lets one log in as the root user without needing a password?

Since this information has been public for at least almost a year, and the problem remains in the most recent firmware update (dated 1/22/2022 as of this writing), either Insta360 is unaware of the problem or doesn’t think it is a problem.

Either way, I think I’m going to change the root password on mine, and a REDDIT reply says you can change the WiFi password if you don’t mind manually connecting WiFi to the camera each time.

Baby steps.

Until next time…

Additional Details

WiFi password is reportedly generated by Bluetooth, and ends up in a temporary file created each time:


The script that generates this file is in /usr/local/share/script/

There, I see places where AP_PASSWD is set, overwriting a default of 1234567890 listed in wifi.conf/wifi.ap.conf. may be the one (AP = access point).

I will share details on if there is any easy way to alter the password from the default, assuming the Insta360 app allows that. My thought is generating a new file on startup and making it read-only so the app cannot overwrite it.

Shared Security Show on YouTube

Discussed at the 14:40 mark.

4 thoughts on “Insta360 ONE X2: default WiFi password and telnet root access?

  1. Pingback: ScrewX2 and the Insta360 WiFi security hole. | Sub-Etha Software

  2. Pingback: Insta360 X3 360 camera released | Sub-Etha Software

  3. Pingback: Insta360 X3 firmware bug list | Sub-Etha Software

  4. Pingback: Insta360 ONE X2 firmware bug list | Sub-Etha Software

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.