Harpal News
IP Address
Apps Cyber Security Latest Tech News Technology

Telegram leaked IP addresses during the voice call

Telegram desktop app leaked IP addresses in calls – Patch released

Instant messaging app Telegram has released a fix that caused the messaging app to expose users’ IP addresses during voice calls.

Dhiraj Mishra, a security researcher, discovered a vulnerability (CVE-2018-17780) in the official Desktop version of Telegram (tdesktop) for Windows, Mac, Linux, and Telegram Messenger for Windows apps that exposed and recorded the IP address of a user by default while taking a call due to its peer-to-peer (P2P) framework.

The app leaked both public and private IP addresses during voice calls. Although users can disable P2P calls option in iOS and Android, they do not have an option to turn off the feature in the desktop client of the app and its Windows application.

Users can change settings to disable the visibility of their IP address. “Telegram is supposedly a secure messaging application, but it forces clients to only use P2P connection while initiating a call, however, this setting can also be changed from “Settings > Privacy and security > Call> peer-to-peer” to other available options,” Mishra said.

“The tdesktop and telegram for windows breaks this trust by leaking public/private IP address of end user and there was no such option available yet for setting “P2P > nobody” in tdesktop and Telegram for Windows.”

Dhiraj reported the issue to Telegram along with a proof of concept video and got €2,000 as a bug bounty reward. The company promptly issued a fix for the issue in v1.3.17 beta and v1.4.0 of Telegram for desktop to disable the P2P settings.

Read More News Related To Security Click Here

Related posts

Twitter users will be able hide replies soon

Harpal News

How Much You Can Make Money Playing Fortnite

Jayapal Reddy

Vogo backed by Alteria Capital Second Time

Harpal News

Leave a Reply

avatar
  Subscribe  
Notify of