Telegram RCE(twitter.com)
twitter.com
Telegram RCE
https://twitter.com/CertiKAlert/status/1777634014049796181
10 コメント
Telegram answered on Twitter/X:
"We can't confirm that such a vulnerability exists. This video is likely a hoax."
https://twitter.com/telegram/status/1777677055837995151
"We can't confirm that such a vulnerability exists. This video is likely a hoax."
https://twitter.com/telegram/status/1777677055837995151
Anyone have any info on this, how serious it is etc? Very vague post.
Seems like a revive of:
https://github.com/desktop-app/lib_webview/commit/77b1712a8f... (2022)
where you could open an app by running window.open("C:\Windows\system32\cmd.exe")
This is a guess based on the behavior in the video, and on the recent fix on Media Preview feature of "Instant View" attachments: https://github.com/telegramdesktop/tdesktop/commit/eaaa704fa... (3 days ago)
so potentially could be just to send an Instant View link pointing to an executable app instead of a website.
where you could open an app by running window.open("C:\Windows\system32\cmd.exe")
This is a guess based on the behavior in the video, and on the recent fix on Media Preview feature of "Instant View" attachments: https://github.com/telegramdesktop/tdesktop/commit/eaaa704fa... (3 days ago)
so potentially could be just to send an Instant View link pointing to an executable app instead of a website.
And that's why I'm using Unigram on Windows: it runs in a sandbox.
https://github.com/UnigramDev/Unigram
https://github.com/UnigramDev/Unigram
No one has confirmed the vulnerability, there is only a video showing the vuln, it is most likely fake.
Video: https://t.me/exploitorg/30?comment=31
Video: https://t.me/exploitorg/30?comment=31
If you’re using a fully-fledged OS for your secure comms (and using telegram off of a mobile device to start with), this probably isn’t your biggest threat.
Disabling of automatic media parsing as suggested is absolutely a wise choice.
This would be pretty bad indeed if it were wormable.
Disabling of automatic media parsing as suggested is absolutely a wise choice.
This would be pretty bad indeed if it were wormable.
this does seem to be nonsense, but people do really need to consider Telegram to be highly untrustworthy and not providing any privacy guarantees at all.
for some reason, lots of people consider it to be a similar sort of thing to Signal, but it's not - Signal takes privacy and security extremely seriously, Telegram ... does not.
for some reason, lots of people consider it to be a similar sort of thing to Signal, but it's not - Signal takes privacy and security extremely seriously, Telegram ... does not.
The tweet has been deleted, is there an archive?
Possibly this one https://twitter.com/CertiKAlert/status/1777632812700713254
Having that said, I think this should still be rejected by the server so it's weird that it worked that way. However, the issue is not as bad as the video claims it to be, a user will be warned.