My Journey to the Nokia Security Hall of Fame

Umair Farooqui ✪
2 min readMay 1, 2024

--

Hey everyone, it’s Umair Farooqui here, also known as “mufazmi”. I’m thrilled to share my journey with you all, from discovering vulnerabilities to landing a spot in the prestigious Nokia Security Hall of Fame.

Discovering Vulnerabilities:

A few weeks ago, I stumbled upon a couple of SQL injection vulnerabilities within Nokia’s systems. Excited to contribute to their security, I promptly reported my findings. Unfortunately, they turned out to be duplicates. Undeterred, I continued my quest and uncovered weak credentials on one of their FTP servers. Again, my report was marked as a duplicate. But I didn’t give up.

Exploring Further:

I decided to delve deeper into Nokia’s infrastructure, using tools like SubFinder to identify all in-scope subdomains. With my list in hand, I meticulously tested each one, leading me to discover multiple XSS vulnerabilities. I reported all of them, but unfortunately, most were duplicates. However, two new XSS vulnerabilities caught the attention of the Nokia Security Team.

Recognition from Nokia:

Just when I thought my efforts might go unnoticed, I received an email from the Nokia Security Team. They thanked me for my findings and informed me that my name would be added to their Hall of Fame. Overjoyed, I promptly replied, requesting my name to be listed as “Umair Farooqui”.

Email Exchange:

Hall of Fame Listing:

About five days later, I eagerly checked Nokia’s Hall of Fame page, and there it was — my name, proudly displayed among other security enthusiasts. What a moment of pride and accomplishment!

Conclusion:

Being recognized by Nokia for my contributions to their security has been an incredible experience. It’s a reminder that dedication and perseverance pay off, even in the world of cybersecurity. I’m grateful for the opportunity to make a difference and look forward to continuing my journey in securing digital spaces.

Stay tuned for more adventures in cybersecurity!

Umair Farooqui

https://www.linkedin.com/in/mufazmi

https://www.nokia.com/notices/responsible-disclosure/

--

--

Umair Farooqui ✪

I am a Full Stack Developer 👩‍💻 | Security Researcher 📖 | Open Source Lover ❤ | Bug Hunter🐞| Penetration Tester💻