MobinNet Router- Remote Code Execution

2021.08.11

Aryan Chehreghani (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: In Shodan search engine, the filter is mobinnet country:"ir"

# Exploit Title: MobinNet Router- Remote Code Execution (PoC)
# Google Dork: In Shodan search engine, the filter is  mobinnet country:"ir" 
# Date: 2021-08-11
# Exploit Author: Aryan Chehreghani
# Vendor Homepage: https://mobinnet.ir
# Version: N/A
# Tested on: Windows 10

#About-Mobinnet
#Dedicated Internet services, extensive communication networks and managed Internet, as well as a wide range of #data center services such as virtual and dedicated servers. In recent years, IoT-based services and cloud computing #have been added to Mobinnet's product portfolio, creating integrated services in the field of home, office and #organization services.

#POC
#1.Find Targets With (mobinnet country:"ir) ==> SHODAN Filter
#2.Download Form App (.exe) File
#4.Copy IP And Port Targets
#5.paste ip & port in textbox and Enter CMD => For Example ( ls )

#Proof of Concept:
#Github : https://github.com/TAPESH-TEAM/MobinNet-RCE

References:

https://github.com/TAPESH-TEAM/MobinNet-RCE

See this note in RAW Version

Vote for this issue:

66%

34%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

MobinNet Router- Remote Code Execution

Dork: In Shodan search engine, the filter is mobinnet country:"ir"

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.