The reporter shares their experience of finding a Samsung vulnerability and receiving a monetary reward for doing so (known as a bounty).
They discovered an HTML injection (HTMLI) vulnerability whilst searching Samsung subdomains using Google dorking.
The vulnerability involved a newsletter subscription function that did not sufficiently validate user-supplied data, allowing the inclusion of malicious HTML code in the resultant email.
This provided the opportunity for a phishing attack through which the attacker could take over a victim’s account (ATO), gaining full control of it.
The vulnerability was reported to Samsung, and the reporter was rewarded with a bounty.
It was marked as low severity, a classification the reporter disagrees with.
The vulnerability was ultimately patched by Samsung through the implementation of stricter whitelisting and server-side validation. commonly used by attackers to send unauthorized emails to a victim’s contacts.
While Samsung resolved the issue by implementing stricter email validation, the reporter believes that the vulnerability should have been assigned a higher severity level given its potential for harm. reveal their techniques and thought processes, providing insight into the world of ethical hacking and helping others aspiring to follow in their footsteps.
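The subscription flaw and the server-side fix summarized above can be shown side by side. This is an added example, not code from the original report or from Samsung; the template, the field names (`name`, `email`) and the allowlist patterns are assumptions made for illustration.

```python
import html
import re

# Assumed allowlists (not from the original report): a conservative email
# pattern and a display name limited to letters, digits, spaces and . ' -
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
NAME_RE = re.compile(r"[A-Za-z0-9 .'-]{1,64}")

TEMPLATE = "<p>Hello {name},</p><p>You subscribed with {email}.</p>"


def render_unsafe(name: str, email: str) -> str:
    """The 'before' pattern: user input is placed into the HTML body as-is."""
    return TEMPLATE.format(name=name, email=email)


def validate_subscription(name: str, email: str) -> tuple[str, str]:
    """Server-side allowlist check; rejects input rather than cleaning it up."""
    name, email = name.strip(), email.strip()
    if not NAME_RE.fullmatch(name):
        raise ValueError("name contains characters outside the allowlist")
    if len(email) > 254 or not EMAIL_RE.fullmatch(email):
        raise ValueError("email address fails allowlist validation")
    return name, email


def render_safe(name: str, email: str) -> str:
    """Validate first, then escape on output as a second layer."""
    name, email = validate_subscription(name, email)
    return TEMPLATE.format(name=html.escape(name), email=html.escape(email))


def contains_injected_markup(rendered: str) -> bool:
    """Regression check: only the template's own <p> tags may appear."""
    tags = re.findall(r"<\s*/?\s*([A-Za-z][A-Za-z0-9]*)", rendered)
    return any(t.lower() != "p" for t in tags)


# Constructed sample input: a display name carrying a link element.
SAMPLE_NAME = '<a href="https://example.invalid/login">Verify your account</a>'
SAMPLE_EMAIL = "user@example.com"

if __name__ == "__main__":
    print(contains_injected_markup(render_unsafe(SAMPLE_NAME, SAMPLE_EMAIL)))
    try:
        render_safe(SAMPLE_NAME, SAMPLE_EMAIL)
    except ValueError as exc:
        print("rejected:", exc)
```

The `contains_injected_markup` check is suited to a regression test on rendered mail bodies, so a later template change that reintroduces raw interpolation is caught before release.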