CDN77 is committed to ensuring the security and privacy of our systems, data, and users. We encourage you, as security researchers, to responsibly report vulnerabilities you discover.
Submit a reportBy participating in our Bug Bounty Program, you agree to the full terms and conditions|
The program covers our corporate website www.cdn77.com and our customer portal client.cdn77.com.
The primary focus is on identifying and mitigating critical security vulnerabilities, such as:
Certain areas are out of scope. The testing of any vulnerabilities outside the defined scope is strictly prohibited and will result in disqualification from eligibility for legal safe harbor protections.
The following issues are out of scope and will not be considered as security vulnerabilities:
The reward structure is based on the severity of the reported vulnerability, the potential impact, and the ease of exploitation. For the purpose of rating and categorizing vulnerabilities we use Bugcrowd’s Vulnerability Rating Taxonomy.
We reserve the right to award higher compensation for vulnerabilities deemed exceptionally innovative or severe, and to award lower compensation for vulnerabilities that necessitate atypical or complex user interaction.
Technical severity | Reward |
---|---|
P1 | $2,000 - $3,000 |
P2 | $1,000 - $2,000 |
P3 | $500 - $1,000 |
P4 | $250 - $500 |
P5 | $100 - $250 |
We offer legal safe harbor for participants acting in good faith. This means we will not pursue legal action against individuals who follow these Program Terms, including rules on responsible disclosure and scope, provided that they report the vulnerabilities through our Bug Bounty Program.
CDN77-bugbounty-terms