Report a vulnerability

Please describe in your report as clearly as possible how the issue can be reproduced; this helps us resolve it quickly. In most cases, the IP address or URL of the affected system and a description of the vulnerability will suffice. For more complex vulnerabilities, additional information may be required. If you choose to leave your contact details, we will get in touch with you.

Please make sure that:

You report the vulnerability as soon as possible after discovering it.
You do not share information about the security issue with others until you hear from us or the issue has been resolved.
You handle knowledge of the security issue responsibly, for example by not performing any actions beyond what is necessary to demonstrate the vulnerability.

What should you avoid?

Always refrain from the following actions:

- Installing malware
- Copying, modifying, or deleting data from a system
- Making changes to the system
- Repeatedly accessing the system or sharing access with others
- Using brute force to gain access to a system
- Using denial-of-service attacks or social engineering techniques

Report a vulnerability

Principles of Our Policy

When you report a vulnerability in accordance with the procedure, we have no reason to impose legal consequences related to your report. We treat your report confidentially and do not share personal data with third parties without your consent, unless required by law or by court order.

We will only mention your name as the discoverer of the reported vulnerability with your explicit permission.

You will receive an acknowledgment of receipt within one working day. Within 15 working days, we will respond to your report with an assessment. We will keep you informed about the progress of resolving the issue.

Intergas Verwarming BV aims to resolve the reported security issue in a system within 60 days. In consultation with you, we will determine whether and how the issue will be publicly disclosed after it has been resolved.