1. Home
  2. Bug Bounty Programs
  3. MTN Group
HackerOne · VDP

MTN Group Vulnerability Disclosure Program

Complete guide to MTN Group's vulnerability disclosure program on HackerOne. View in-scope assets, reward amounts, response times, and tips for finding vulnerabilities.

Program Overview

MTN Group runs a vulnerability disclosure program on HackerOne. The program has 494 in-scope assets and is managed by HackerOne's triage team.

494
In-Scope Assets
3h
Avg Response
100%
Efficiency
125d
Avg Resolve

In-Scope Assets

AssetTypeMax SeverityEligible
10.51.175.34IP_ADDRESSMediumNo Bounty
102.37.59.117IP_ADDRESSMediumNo Bounty
102.88.18.116IP_ADDRESSMediumNo Bounty
102.88.18.139IP_ADDRESSMediumNo Bounty
102.88.18.208IP_ADDRESSMediumNo Bounty
102.88.18.222IP_ADDRESSMediumNo Bounty
104.155.11.146IP_ADDRESSMediumNo Bounty
134.122.111.176IP_ADDRESSMediumNo Bounty
192.0.66.55IP_ADDRESSMediumNo Bounty
196.201.32.0/24CIDRMediumNo Bounty
196.201.33.0/24CIDRMediumNo Bounty
196.201.33.219IP_ADDRESSMediumNo Bounty
196.201.56.0/24CIDRMediumNo Bounty
196.201.57.0/24CIDRMediumNo Bounty
196.201.57.173IP_ADDRESSMediumNo Bounty
196.201.57.174IP_ADDRESSMediumNo Bounty
196.201.59.0/24CIDRMediumNo Bounty
197.210.12.150IP_ADDRESSMediumNo Bounty
197.210.12.209IP_ADDRESSMediumNo Bounty
197.210.12.215IP_ADDRESSMediumNo Bounty
197.210.12.228IP_ADDRESSMediumNo Bounty
197.210.12.229IP_ADDRESSMediumNo Bounty
197.210.12.234IP_ADDRESSMediumNo Bounty
197.210.2.100IP_ADDRESSMediumNo Bounty
197.210.248.13IP_ADDRESSMediumNo Bounty
197.210.3.24IP_ADDRESSMediumNo Bounty
197.210.3.30IP_ADDRESSMediumNo Bounty
197.210.3.49IP_ADDRESSMediumNo Bounty
197.210.3.60IP_ADDRESSMediumNo Bounty
34.95.93.220IP_ADDRESSMediumNo Bounty
4.221.105.0IP_ADDRESSMediumNo Bounty
4.221.118.253IP_ADDRESSMediumNo Bounty
41.181.247.123IP_ADDRESSMediumNo Bounty
41.208.50.211IP_ADDRESSCriticalNo Bounty
41.216.70.2 IP_ADDRESSMediumNo Bounty
41.216.70.4 IP_ADDRESSMediumNo Bounty
41.216.70.5IP_ADDRESSMediumNo Bounty
41.220.77.126IP_ADDRESSMediumNo Bounty
41.220.77.13IP_ADDRESSMediumNo Bounty
41.220.77.79IP_ADDRESSMediumNo Bounty
41.222.32.131IP_ADDRESSMediumNo Bounty
41.223.116.118IP_ADDRESSMediumNo Bounty
41.223.117.5IP_ADDRESSMediumNo Bounty
41.57.87.244IP_ADDRESSMediumNo Bounty
41.79.218.66IP_ADDRESSMediumNo Bounty
_domainconnect.gd.domaincontrol.comURLMediumNo Bounty
ac1-mymtn-app01.mtngh.root.netURLCriticalNo Bounty
ac1-mymtn-app02.mtngh.root.netURLCriticalNo Bounty
ac1-mymtn-app03.mtngh.root.netURLCriticalNo Bounty
ac1-mymtn-db-01.mtngh.root.netURLCriticalNo Bounty

Showing 50 of 494 in-scope assets. View all on HackerOne.

Out-of-Scope Assets

  • *.mtnfootball.com
  • 41.189.179.249
  • 41.216.67.108
  • 41.216.78.13
  • 41.216.80.172
  • achom.ir
  • areeba.com.gh
  • areeba.com.gn
  • electricityservices.mtn.com.sy
  • equity-group.org
  • faulucareers.co.ke
  • gameplus.mtnonline.com
  • games.mtnonline.com
  • h14de.n2.ips.mtn.co.ug
  • h1576.n2.ips.mtn.co.ug
  • h163e.n2.ips.mtn.co.ug
  • h18e.n1.ips.mtn.co.ug
  • h19f2.n2.ips.mtn.co.ug
  • h19f6.n2.ips.mtn.co.ug
  • h1b24.n2.ips.mtn.co.ug

Tips for Hacking MTN Group

  1. Read the policy — Understand what's in scope, out of scope, and any specific testing restrictions before you start.
  2. Enumerate the attack surface — Use subdomain enumeration and directory bruteforcing to map all accessible endpoints.
  3. Focus on high-impact bugs — Look for SQL injection, SSRF, and IDOR vulnerabilities first.
  4. Test authentication flows — Check for OAuth misconfigurations and CSRF in login/signup flows.
  5. Write clear reports — Include steps to reproduce, impact assessment, and suggested remediation. Use Burp Suite to capture evidence.

Frequently Asked Questions

How do I start hacking MTN Group?

Sign up on HackerOne, read the program policy carefully, review the in-scope assets listed above, and start testing. Always stay within scope and follow responsible disclosure guidelines.

Does MTN Group pay bounties?

No, MTN Group runs a Vulnerability Disclosure Program (VDP) without monetary rewards. You may receive recognition or swag.

What types of vulnerabilities does MTN Group accept?

MTN Group accepts reports for vulnerabilities found in their 494 in-scope assets. Common accepted vulnerability types include XSS, SQL injection, SSRF, IDOR, authentication bypass, and RCE. Check the program policy for specific exclusions.

Similar Programs on HackerOne

MercadoLibre

HackerOne · Bug Bounty · 68 assets

Wealthsimple

HackerOne · Bug Bounty · 4 assets

Hex

HackerOne · VDP · 3 assets