Security researchers earn $50k after exposing critical flaw in Apple travel portal

Chained exploit leads to shell access

Security researchers earned $50k after exposing critical flaw in Apple travel portal

Security researchers have earned a $50,000 bug bounty after uncovering a critical flaw in Apple’s travel portal.

Rahul Maini and Harsh Jaiswal were able to achieve remote code execution (RCE) by stringing together a string of vulnerabilities in order to exploit targeted domains.

The bug hunting exercise was inspired by earlier work by Sam Curry and his associates that uncovered no fewer than 55 vulnerabilities in Apple’s web infrastructure, earning a cumulative bug bounty of $288,000.

Curry is continuing his work and this week went public with vulnerabilities in Apple’s domain that created a means to get billing data from any Apple user.

Lucee in the sky with exploits

In a detailed technical write-up, Maini…


Source link

About coldfusion

Check Also

Obama chief scientist cools on climate crisis news coverage

Article originally published at CFACT.org President Barack Obama’s Energy Department Chief Scientist Steven Koonin’s soon-to-be-published …

Leave a Reply

Your email address will not be published. Required fields are marked *