Vulnerability Disclosure Policy

We take security issues very seriously and recognize the importance of privacy and data security. We welcome security researchers to provide us with feedback on potential security issues to improve the security of mibro products and services.

How to report a security issue  
Step 1: If you think you have found a vulnerability in mibro children's products (mibrokids) or have a security incident that needs to be reported, please send us an email with the proof. We continuously monitor the vulnerability reception channel and review and distribute accepted vulnerabilities in a timely manner.  
Step 2: We will conduct technical verification of the validity of the vulnerability to confirm its exploitability and potential impact.  
Step 3: We will develop vulnerability fixing plans or risk mitigation measures and verify their effectiveness.  
Step 4: We will further investigate all potentially affected products and clarify the scope of products affected by the vulnerability.  
Step 5: After confirming that all vulnerability response processes have been completed, we will review and issue security recommendations for the vulnerability.

Vulnerability submission method

Vulnerability Classification and Reasons:
A-Critical (High Risk)
1. Serious malfunctions that significantly impact users’ normal usage.
2. Malfunctions that contradict product requirements.
3. Malfunctions that fail to meet national laws, standards, or industry-related criteria.
4. Software security flaws in the product.
5. Malfunctions that have a severe impact on production and repairability on the production line.
6. User complaints and post-sales feedback indicating unacceptable malfunctions.
7. Malfunctions that have a significant impact on user experience.
8. Malfunctions caused by server issues that prevent normal data retrieval from firmware and apps.
9. User data destruction or loss caused by normal user operations or upgrades.
10. User interface glitches or distortions caused by normal user operations or application interface errors.
11. Significant computational errors, process or logic errors, or incompleteness.
12. Higher probability (>=5%) of sporadic malfunctions in regular functions.
13. Product performance issues (response time, standby duration, positioning rate, power consumption, etc.) that fail to meet standards and have significant gaps compared to comparable machines or standards.
14. Errors in primary function copywriting and interaction that do not align with product requirements.

B-Major (Medium Risk)
1. Malfunctions that significantly affect user experience.
2. Malfunctions that affect user experience to a certain extent.
3. Malfunctions related to UI, string translation, compatibility issues with different device models.
4. Lower probability (<5%) of sporadic malfunctions in regular functions.
5. Product performance issues (response time, standby duration, positioning rate, power consumption, etc.) that fail to meet standards but are close to comparable machines or standards.
6. Errors in after-sales issues, user assistance, privacy policies, etc.
7. Errors in secondary and (minor) function copywriting and interaction that do not align with product requirements.

C-Minor (Low Risk)
1. Issues that users typically overlook and do not affect normal usage.
2. Differences between non-functional aspects and product definition documents, software specifications.
3. Infrequent and low probability (<5%) issues occurring in non-common paths (including performance testing, compatibility testing).
4. Minor product malfunctions that users can tolerate.

Response time
Report receipt will be confirmed within 7 working days and a preliminary assessment will be made. Within 14 business days, the assessment will be completed and the vulnerability will be fixed or a remediation plan will be developed.  
Critical risk vulnerabilities will be fixed within 7 working days.  
High-risk vulnerabilities will be fixed within 30 working days.  
Low-risk vulnerabilities will be fixed within 180 working days.  

Note that some vulnerabilities are environmentally or hardware limited. The final repair time will be determined based on actual conditions.

We appreciate the opportunity you give us to improve our products and services so that we can better protect our users. Thank you for working with us through the above process!

By clicking "Accept" or by continuing to browse the site, you agree to the storing of cookies on your device to enhance your experience, analyze site usage, and assist in our marketing efforts. You can learn more about cookie management by clicking "Cookie Settings" button.

Cookie Policy

Last updated: [January 19, 2024]


Zhenshi Information Technology (Shanghai) Co., Ltd., as well as all other affiliates of the Zhenshi (referred to in this policy as "Zhenshi", "We", "Our" or "our") take your privacy very seriously. This policy is designed to meet your needs and it is important that you fully understand the type of cookies We use and how We use the information We collect. By reading this policy carefully, you can understand how We and Our partners use cookies and other trackers, including the categories of trackers used by Us and Our partners, their purposes and how you can change your preferences.

In certain circumstances and through these cookies, We collect some of your personal data which may include your IP address, information about how you use Our website, your choice of internet browser, the type of device from where you access Our website and where in the world you are. Where the information We collect through cookies is considered personal data, this Cookie Policy and Our Privacy Policy can be accessed here [privacy policy], apply to the collection and use of such personal data. For more information on Our information collection and use practices, please review our privacy policy available here [privacy policy].


Cookies are small text files containing a string of alphanumeric characters that are placed on your computer, phone or other device by certain websites that you visit. Zhenshi's websites and online services (referred to in this policy as Our "website") may use cookies and other trackers for a variety of purposes, including to provide the functionality of Our website and to improve your experience. Other trackers, such as pixel tracking and local storage, are also used to store or access information on your devices and to record your actions or preferences over time. In this policy, We refer to all of these technologies by the term "cookies". Different cookies persist for different periods of time on your devices. We may use both session cookies and persistent cookies. Session cookies expire when you close your browser. Persistent cookies remain after you close your browser and may be used by your browser on subsequent visits to the website or when you use one of Our services (for example, to remember your preferences).


Cookies can be used for a variety of purposes. Most of them are set to maintain the essential functionality of Our website and to observe the performance of websites which will help Us to work more efficiently.

Local storage is a file created by a website, which can contain information on the user side rather than the server side. Some of Zhenshi's websites and online services use browser's "session storage" and "local storage" to store data - "session storage" is stored temporarily for your browsing session, but "local storage" "is persistent. Most local storage is used to help Us remember your preferences on Our websites, or associated with onetrack which is a statistical tool provided by Zhenshi.

Pixel tracking is an electronic image generally made up of a single pixel. It can be placed on a web page or in an email to transmit information, including personal data such as the IP address of the computer that downloaded the page in question, the URL of the page, the time consultation of the page and the type of browser used, as well as the data contained in cookies sent by a third party.


We will collect your consent to place cookies on your device, except in certain circumstances where cookies are essential for the transmission of a communication, or when cookies are strictly necessary for us to provide you with a service you have requested (please see the sections on "required cookies" and "functional cookies" below for more information on how we use these categories of cookies).

You can withdraw your consent to the use of cookies or adjust your cookie preferences by going to the cookie settings accessible at the bottom of the page at any time. Please note that you may need to refresh your page for your settings to take effect.


We use the following categories of cookies on Our website:


These cookies are essential to enable users to use Our website. In particular, they allow access to certain functionalities such as the live Stream service and access to other secure parts of the website. The required cookies are necessary for the proper functioning of the website and cannot be deactivated or rejected by users without affecting the functioning of the site and its use. Without these cookies, you would not be able to navigate between pages or use certain essential functions of Our website.

These cookies are strictly necessary for the use of Our website, for more details on these necessary cookies, please consult the complete list of the aforementioned cookies which is available below.


These cookies allow you to browse Our website or to benefit from certain improved features such as remembering your browsing preferences or using instant messaging.

As with the necessary cookies, if these cookies are disabled, it could have an impact on your use of the site and on the access to certain features. These cookies being essential for the use of Our website, We will not be obliged to obtain your consent for the use of the aforementioned cookies.

For more details on the functional cookies that We use, please see the complete list of the aforementioned cookies which is available below.


Analytical cookies track users' activities in their browsers in order to better understand how Our website is viewed and used. These cookies collect information in order to determine:

1. The channel through which users arrive on Our website. For example, if they visit it directly by typing a URL, or by clicking on a link on other social media platforms or search engines.

2. The performance of Our website. For example, number of visits to each page, duration of each visit, usage and clicks on each feature point, events that occur on the website, aggregate usage, performance data and breakdown errors that may occur on the website.

3. Information about devices that visit Our website. For example: browsers, operating system, device model, etc.

We will obtain your prior express consent by means of a clear affirmative action before using these analytical cookies.

For more details on the analytical cookies that We use, please see the complete list of the aforementioned cookies which is available below.