Comcast Xfinity Vulnerability Disclosure Program

Digital Cable TV, Internet and Phone for Residential and Business Services

  • Points – $1,250 per vulnerability
Submit report

Updated VDP In-Scope Targets & Out-of-Scope findings

There have been updates within (IN-SCOPE & Out-of-Scope TARGET) as of March 06, 2024. This update brings about the following changes with links to relevant resources:

  • Removed *.xfinity.com & *.comcast.com from in-scope. Please report that submission to our Xfinity Bug Bounty Program *Added detailed Out of Scope list and Customer IP ranges for better clarity

As always, please be sure to review the program brief in detail, and if you have any questions, please reach out Bugcrowd Support Portal.

Happy Hunting!

mk_exe
mk_exe