dcsimg
December 18, 2018
Hot Topics:

Student Earns $36,337 Bug Bounty for Google App Engine Vulnerability

  • May 22, 2018
  • By Developer.com Staff

An 18-year-old student at Uruguay's University of the Republic has received $36,337 in bug bounties for finding a security vulnerability in Google App Engine. The flaw enabled remote code execution (RCE) in the cloud development platform, making it a critical vulnerability in Google's eyes.

The student reported the discovery to Google but had no idea how important it was until Google told the researcher to stop work because more investigations could break their system. "I was not aware until then that this was regarded as Remote Code Execution (The highest tier for bugs), it was a very pleasant surprise," the researcher said. "I asked one of the Googlers in the reward panel about it, and he told me it is RCE for the way Google works and also that the extra $5k (Since they pay $31,337 for RCE bugs) was for a lesser bug."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date