Published: 23/08/2019 Updated: 21/07/2021

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The Privacy > Phone Number feature in the Telegram app 5.10 for Android and iOS provides an incorrect indication that the access level is Nobody, because attackers can find these numbers via the Group Info feature, e.g., by adding a significant fraction of a region's assigned phone numbers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
telegram telegram 5.10.0

This app can reval numbers of telegram users and write them to csv.

RevalTeleNumbersCSV poc This app can reval telegram user information for given number and write them to csv the app does that by adding a significant fraction of a region's assigned phone numbers so you need to configure the phone str it work and depend on CVE-2019-15514 if the random number have telegram account this app write his username, id, and phone number to c

All OSINT Collection

OSINT Collection Osint collection to make it easier to find the best choice of tools Name Repository OSINT-Framework githubcom/lockfale/OSINT-Framework Osintgram githubcom/Datalux/Osintgram Toutatis githubcom/megadose/toutatis Oh365UserFinder githubcom/dievus/Oh365UserFinder Telegram_User_Number_Finder githubcom/swag

NVD-CWE-noinfo https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub https://nvd.nist.gov https://github.com/didi2223/RevalTeleNumbersCSV

CVE-2019-15514

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect