Vulnerability: Leakage of End-User IP Addresses in Telegram Desktop and Telegram WP8.1

Vulnerability: Leakage of End-User IP Addresses in Telegram Desktop and Telegram WP8.1

CVE-2018-17780 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.

Learn more about our Cis Benchmark Audit For Desktop Software.