Cybersecurity

Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server

Leon SCOTT

1 min read
Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server
Photo by Firmbee.com / Unsplash

Nice

Quote
“The issue, according to Sadeghipour, was that one of the servers that Facebook used for creating and delivering ads was vulnerable to a previously fixed flaw found in the Chrome browser, which Facebook uses in its ads system.” reported TechCrunch. “Sadeghipour said this unpatched bug allowed him to hijack it using a headless Chrome browser (essentially a version of the browser that users run from the computer’s terminal) to interact directly with Facebook’s internal servers.”

The researcher did not continue testing all possible implications of exploiting the flaw because, as soon as he reported it to Meta, the company acknowledged the issue and asked him to suspend activities to allow for bug fixing.

Suck kinds of vulnerabilities potentially allow threat actors to compromise multiple components of internal infrastructure of the company. Other organizations could suffered similar issues.
Unquote

How a researcher earned $100,000 hacking a Facebook server
Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024.
Security AffairsPierluigi Paganini

This guy and associates are a level above. Cool

#enoughsaid