dcsimg
August 17, 2018
Hot Topics:

Student Earns $36,337 Bug Bounty for Google App Engine Vulnerability

  • May 22, 2018
  • By Developer.com Staff

An 18-year-old student at Uruguay's University of the Republic has received $36,337 in bug bounties for finding a security vulnerability in Google App Engine. The flaw enabled remote code execution (RCE) in the cloud development platform, making it a critical vulnerability in Google's eyes.

The student reported the discovery to Google but had no idea how important it was until Google told the researcher to stop work because more investigations could break their system. "I was not aware until then that this was regarded as Remote Code Execution (The highest tier for bugs), it was a very pleasant surprise," the researcher said. "I asked one of the Googlers in the reward panel about it, and he told me it is RCE for the way Google works and also that the extra $5k (Since they pay $31,337 for RCE bugs) was for a lesser bug."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date