Vulnerability Description
The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the "Secret chats > Preview links" setting
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Telegram | Telegram | 4.9.1 |
| Telegram | Web | 0.7.0 |
Related Weaknesses (CWE)
References
- https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguirExploitThird Party Advisory
- https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.htmlExploitThird Party Advisory
- https://misteralfa-hack.blogspot.com/2018/12/abusando-de-telegram-para-conseguirExploitThird Party Advisory
- https://misteralfa-hack.blogspot.com/2018/12/telegram-siempre-in-middle.htmlExploitThird Party Advisory
FAQ
What is CVE-2018-20436?
CVE-2018-20436 is a vulnerability with a CVSS score of 8.1 (HIGH). The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent...
How severe is CVE-2018-20436?
CVE-2018-20436 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-20436?
Check the references section above for vendor advisories and patch information. Affected products include: Telegram Telegram, Telegram Web.