<div><div>Hi BugBountyTeam!</div><div><br></div><div>I've received your emails and responded on the same day. Maybe it was moved to spam?</div><div>Could you re-check on your side because it seems to be an important issue if some letters didn't reach you.</div><div>Here are the raw content of my reply on July, 7:</div><div><pre>Received: from [37.140.172.119] by mail.rambler.ru with HTTP; Fri, 7 Jul 2017 13:01:16 +0300
From: "Vitaliy Potapov" <noginsk@rambler.ru>
To: "secbugbounty" <secbugbounty@samsung.com>
Reply-To: "Vitaliy Potapov" <noginsk@rambler.ru>
Subject: RE: [Samsung Bug Bounty] More information requested
Date: Fri, 7 Jul 2017 13:01:16 +0300
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_14994216761920432"
In-Reply-To: <1499421664.736377.23635.18527@mail.rambler.ru>
Message-Id: <1499421676.472943.19204.19401@mail.rambler.ru>
MIME-Version: 1.0
References: <1499421664.736377.23635.18527@mail.rambler.ru>
X-Mailer: Rambler WebMail, http://mail.rambler.ru/

This is a multi-part message in MIME format.

--_----------=_14994216761920432
Content-Type: multipart/alternative; boundary="_----------=_14994216761920433"

This is a multi-part message in MIME format.

--_----------=_14994216761920433
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"; format="flowed"

Hi,

Sensitive information with vulnerability steps and code is attached as encr=
ypted
file.

Tested on TV:

MN : UE49K5500=20
PD : --/--/----=20
SN : 0BL73LDHA00871E=20
FW : T-HKMFKDEUC-1180.5=20
FC : SWU-OU_T-HKMFKDEUC_1180_170530=20
MI : T-HKMFKDEUC=20
LS : CIS_RUSSIA=20
DI : CPCPLUMAL74GG=20
MA : B8BBAF0CC15B=20
VS : 1180.170530

Thank you.</pre></div><div><br></div><div><br></div><div>Anyway I will re-submit both vulnerabilities today from another email (on gmail.com).</div><div><br></div><div>Thank you!</div><br></div><div><br></div><div>-- </div><div>Regards,<br>Vitaliy Potapov</div><div><br></div><blockquote><div>15.12.2017, 13:23, SecBugBounty <<a href="mailto:secbugbounty@samsung.com" data-mce-href="mailto:secbugbounty@samsung.com">secbugbounty@samsung.com</a>></div><!-- Hostname: benito31.mail.rambler.ru --><div class="messageBodyContainer" id="part0"><div class="messageBodyContainer isInnerPart" id="part1"><div class="messageBody isFormattedText"><div class="RMCJNQCV"><div class="RMCJNQCVHTML"><div class="RMCJNQCVBODY"><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">Dear, Vitaliy Potapov</span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"></span></span></span> </p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">As we checked, you reported 2 submissions to Samsung TV Bug Bounty on 2017-07-04. </span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">After we received your submissions, we answered you and asked you more information about the issues via e-mail. </span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">We have been handling each bug bounty report with the 2 week-window. It doesn't seem our initially response reached you and your follow-up response got back to us within 2 weeks. </span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">We will appreciate it if you can resubmit your report to Samsung TV Bug Bounty. Our team will get back to you as soon as possible. </span></span></span></span></span></span></span></span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"></span></span></span></span></span></span></span> </p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">Thanks again for your contibution to Tizen. </span></span></span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"></span></span></span></span></span></span></span></span> </p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">We hope to see you soon on our program. </span><a target="_blank"  href="https://samsungtvbounty.com" rel="noopener" data-mce-href="m/redirect?url=https%3A//samsungtvbounty.com&hash=fd35c6f25c26b1497ae4109da41489d9"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">https://samsungtvbounty.com</span></a><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"> </span></span></span></span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"></span></span></span></span></span></span></span></span></span> </p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">Best regards, </span></span></span></span></span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;">Samsung Smart TV Bug Bounty Team </span></span></span></span></span></span></span></span></span></span></span></p><p style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;" data-mce-style="font-size: 10pt; font-family: 'Courier New'; margin: 0cm 0cm 0pt;"><span lang="EN-US"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Calibri; color: #000000;" data-mce-style="font-size: 10pt; font-family: Calibri; color: #000000;"><span style="font-size: 10pt; font-family: Arial; color: #000000;" data-mce-style="font-size: 10pt; font-family: Arial; color: #000000;"></span></span></span></span></span></span></span></span></span></span></span> </p><table id="RMCJNQCVbannersignimg" class="mce-item-table"><tbody><tr><td><p> </p></td></tr></tbody></table><table id="RMCJNQCVconfidentialsignimg" class="mce-item-table"><tbody><tr><td><p><img style="border: 0px solid currentColor; width: 520px; height: 144px; display: inline-block;" src="cid:cafe_image_0@s-core.co.kr" data-mce-src="m/folder/INBOX/28276.cafe_image_0%40s-core.co.kr/view/cid/1" data-mce-style="border: 0px solid currentColor; width: 520px; height: 144px; display: inline-block;"/> </p></td></tr></tbody></table></div></div><img  src="http://ext.samsung.net/mail/ext/v1/external/status/update?userid=secbugbounty&do=bWFpbElEPTIwMTcxMjE1MTAyMTA4ZXBjbXMxcDEzMzBkMGNjN2JiMzliN2I1YTM0NGJlOWE4NTYxMTk5MyZyZWNpcGllbnRBZGRyZXNzPW5vZ2luc2tAcmFtYmxlci5ydQ__" border="0" width="0" height="0" style="display: none;" data-mce-src="p/iwz-KsZRpE7SxD8OGBKH0w/http/ext.samsung.net/mail/ext/v1/external/status/update?userid=secbugbounty&do=bWFpbElEPTIwMTcxMjE1MTAyMTA4ZXBjbXMxcDEzMzBkMGNjN2JiMzliN2I1YTM0NGJlOWE4NTYxMTk5MyZyZWNpcGllbnRBZGRyZXNzPW5vZ2luc2tAcmFtYmxlci5ydQ__" data-mce-style="display: none;"/></div></div></div><div class="messageBodyContainer" id="part"><div class="messageBodyContainer" id="part"><br></div></div></div></blockquote>