CVE-2018-17780

Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.

Published : 2018-09-29 19:29 Updated : 2018-12-06 20:25

4.0
CVSS Score More info
Score 4.0 / 10
4.0
Vendor Product Version URI
Telegram Telegram Desktop 1.3.14 cpe:/a:telegram:telegram_desktop:1.3.14
Telegram Telegram Messenger 3.3.0.0 cpe:/a:telegram:telegram_messenger:3.3.0.0::~~~windows~~
  1. Telegram (2) Search CVE
    1. Telegram Messenger (1) Search CVE
      1. 3.3.0.0
    2. Telegram Desktop (1) Search CVE
      1. 1.3.14

CWE

ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

History of changes

Date Event
2018-12-06 20:25
2018-10-10 10:29
2018-09-29 19:29

New CVE