Is there any bug bounty or any way to access raw firmware files

[mohzen]

Hey there!
im mohzen, a cybersecurity researcher, and im wondering if there is any wiim bug bounty, or if there is any way to get access to Wiim firmware files to find bugs, and if there is any way to report any found bugs.

Thanks,
Mohzen

 

[mohzen]

y'all are genuinely acting like im threatening the security of the WIIM boxes.

 

[mohzen]

Also, Linkplay (and its brands) Support Vulnerabillity finding, as shown in an email converation ~4 years ago with user "Zachi40" on github.

hardcoded on LinkPlay app

hardcoded on LinkPlay app. GitHub Gist: instantly share code, notes, and snippets.

gist.github.com

 

[mohzen]

Furthermore, they have a page on their main website (https://www.linkplay.com/security-1) which allows security researchers (Like me) to report vulnerabillities and ask for guidance.

 

[hgo58]

Furthermore, they have a page on their main website (https://www.linkplay.com/security-1) which allows security researchers (Like me) to report vulnerabillities and ask for guidance.

Stress and vulnerabilities testing is very different from getting access to the firmware.

You can of course do cross-script testing, etc. and probe the communication from the WiiM. That is fully legal.

So go ahead.