Many companies in the IT industry provide a bounty program for those who discover important bugs that could potentially lead to malfunctions, data leak or money loss.
Does Bambu Lab / MakerWorld have such a program?
Yes, the Bambu Lab Bug Bounty Program​ is available here.
2 Likes
Thank you really interesting.
Thinking… these rules appear to only contemplate attacks regarding access or misuse of printers, what about the web portal, isn’t it an interesting point of analysis/attack that deserves a bounty program?
Does this still exist? I see the bug bounty program page still exists but I cannot get a reply from the email there security@bambulab.com, what do I need to do? I have several security vulnerabilities to report
As did I. Didn’t see the bounty program anywhere, so I contacted an engineer on the forum. They referred me to someone else on the forum. It took about a month for them to resolve it, and they didn’t do the best job at resolving the issue entirely. If the issue was exploited, it could have cost them thousands. They compensated me with a enough points for a $40 gift card.
Don’t waste your time on it. I’ve found a few other issues, but have chosen not to report them because I don’t care enough to essentially fight with them so that they will implement a decent fix and then be compensated with something that I have plenty of.