Facebook has paid its largest bug bounty ever of $33,500 to a Brazilian security researcher for finding remote code execution. With this vulnerability, researcher could have taken full control of the server.
Facebook confirmed this biggest bounty via a Facebook page where it also explained the vulnerability. Facebook said that the issue belonged to the XML external entities vulnerability that could allow someone to read arbitrary files on the server. Now the bug has been fixed. Company also shared how it patched the vulnerability.
Reginaldo Silva has been playing with vulnerabilities in OpenId since 2012. OpenId is a platform that lets users use one account in other compatible services. Facebook also use OpenID and use XML in communication process. Silva has found vulnerability in the process and was able to access the server’s /etc/passwd file. This file contains a list of all user accounts and the location of their home directories.
Silva has also explained how he managed to find this vulnerability. If you are interested, you can read the full disclosure in his personal blog.
Back in June, Facebook paid $20,000 to a British researcher for finding security flaw.
