You found a bug that potentially allows strangers to invade the privacy of others. My personal opinion is that you have a moral obligation to report it to the manufacturer and give them an opportunity to patch it before releasing anything publicly.
Not disclosing it is putting countless people at risk. How would you feel if someone looked into your house and was able to see you and your family members in situations where they were expecting privacy? You have a chance to prevent that.
Don't put others at risk for your own convenience. Doing the right thing is never the wrong thing.
If you install surveillance gear that operates through the vendor's cloud management solution then you are already giving strangers the ability to invade your privacy.
Sure, the OP doesn't need to make it any worse, but it's already bad.
Not disclosing it is putting countless people at risk. How would you feel if someone looked into your house and was able to see you and your family members in situations where they were expecting privacy? You have a chance to prevent that.
Don't put others at risk for your own convenience. Doing the right thing is never the wrong thing.