Telegram Messenger
Monthly
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.