Vulnerability Disclosure Policy

NET-LINE GmbH values the work of security researchers and the broader security community. If you believe you have discovered a security vulnerability in one of our systems, we encourage you to report it to us responsibly so that we can investigate and address the issue.

We are committed to maintaining the security and integrity of our services and appreciate responsible disclosure.

Reporting a Vulnerability

If you discover a potential security vulnerability, please report it to:

security@netline-services.de

Please include as much detail as possible to help us reproduce and evaluate the issue, such as:

  • affected domain, service, or product
  • description of the vulnerability
  • steps to reproduce
  • proof-of-concept or screenshots (if available)
  • potential impact

We will acknowledge receipt of your report as soon as possible.

Responsible Disclosure Guidelines

When conducting security research on our systems, please adhere to the following guidelines:

  • Act in good faith and avoid privacy violations, data destruction, or service disruption.
  • Only test systems that you are authorized to interact with.
  • Do not access, modify, or delete data that does not belong to you.
  • Do not attempt social engineering, phishing, or physical security attacks.
  • Avoid automated high-volume scanning that could affect system stability.
  • Immediately stop testing if you encounter sensitive data and report the issue to us.

Scope

This policy applies to services and systems operated by NET-LINE GmbH, including domains under:

*.netline-services.de

Third-party services and infrastructure providers are not in scope and should be reported directly to the respective provider.

Safe Harbor

If you act in good faith and follow this policy, NET-LINE GmbH will not pursue legal action against you for your security research.

Rewards

NET-LINE GmbH does not operate a public bug bounty program.

While we appreciate security reports and may acknowledge significant findings at our discretion, financial rewards are not guaranteed.

Our Commitment

When you report a vulnerability responsibly, we will:

  • acknowledge your report
  • investigate the issue
  • work to remediate valid vulnerabilities in a timely manner
  • keep you informed where appropriate

Coordinated Disclosure

We request that you do not publicly disclose a vulnerability until we have had a reasonable opportunity to investigate and address the issue.

Thank you for helping us keep our systems and users secure.