Xfinity Home & xFi

Summary

Xfinity Home & xFi seems to have a Bug Bounty or Vulnerability Disclosure program managed at Bugcrowd. Our bots had reported us they appear to be offering rewards 💸 💰 👀.

As this page is programmatically generated, we do not guarantee the accuracy or completeness of the data and cannot be held liable for any errors or omissions. Users are advised to verify the information directly from the official sources before taking any action based on the content found on this website.

References

https://bugcrowd.com/xfinity-home

In Scope

*-cvr-aws-*.sys.comcast.net

*.dh-commerce.com

*.ssr.ccp.xcal.tv

*.xfinityhome.com

*.xfiplatform.com

*signalservice.comcast.net

Home.xfinity.com

Internet.xfinity.com

Xfinity Android mobile app

Xfinity Home Android mobile app

Xfinity Home Hardware (items listed below in brief)

Xfinity Home cameras

Xfinity Home iOS mobile app

Xfinity iOS mobile app

aiq-prod.codebig2.net

csp-pci.prod.codebig2.net

gw.api.dh.comcast.com

https://apps.apple.com/us/app/xfinity/id1178765645

https://csp-prod.codebig2.net

https://home.xfinity.com

https://play.google.com/store/apps/details?id=com.xfinity.digitalhome&hl=en_US&gl=US

orc-xfi.com

siorc.xfinity.com

smartinet.xfinity.com

speedtest.xfinity.com

xFi Gateways (e.g., XB3, XB6, XB7)

xFi Pods

xhomeapi-*.cloud.comcast.net

xhomeapi-*.codebig2.net

Out of Scope

*.adnxs.com

*.adobedtm.com

*.amazon-adsystem.com

*.appcenter.ms

*.cimcontent.net

*.criteo.net

*.demdex.net

*.fwmrm.net

*.hfc.comcastbusiness.net

*.hsd1.*.comcast.net

*.identity.xfinity.com

*.kampyle.com

*.openx.net

*.pulseinsights.com

*.webcontentassessor.com

*.wurfulcloud.com

*.xerxessecure.com

10.0.0.0/8

172.26.128.0/18

184.112.0.0/13

184.122.0.0/15

3rd Party Devices (known as Works with Xfinity)

50.128.0.0/12

50.152.0.0/13

96.201.0.0/16

96.202.128.0/17

96.203.0.0/16

\*\business.comcast.com

https://login.xfinity.com

oauth.xfinity.com