Saturday, January 07, 2017

Netgear with world's easiest bug bounty

Netgear world's easiest bug bounty


Netgear has broken ranks from the consumer router security shame factory to offer a bug bounty sporting extra rewards for chained exploits.

Hoping to shake the SOHOpeless tag, the vendor will hand out up to US$15,000 for hackers reporting global remote unauthorised access from the internet to Netgear devices, and unauthorised access to Netgear's cloud storage or live video feeds and files.


Hackers will bag US$10,000 to those who can pull off those feats for individual users, or can score credit card information including the all critical CVV numbers.

Types of Responsible Disclosure Program

NETGEAR is offering 2 types of security vulnerability disclosure programs.

Kudos Program

  • Rewards – (points) ,
  • Issues submitted must be using the latest software version.
  • To check for the latest version, search by model number at NETGEAR SUPPORT

Cash Reward Program

  • Reward – cash (US Dollars)
  • ONLY the following products are eligible for a cash reward
  • Only Issues submitted for the latest version number are eligible for reward.
  • To check for the latest version, search by model number at NETGEAR SUPPORT
Below is paychart
vulnerabilities that qualify the bounty program include
  • SQL injection bug
  • Information disclosure flaw
  • Stored cross-site scripting (XSS) vulnerability
  • Cross-site request forgery (CSRF) bug
  • Open redirect issues


For more detail get to https://bugcrowd.com/netgear





0 comments:

Post a Comment