Telegram Desktop App Leaked Ip Addresses During Voice Call
Dhiraj Mishra, a security researcher, discovered a vulnerability (CVE-2018-17780) in the official Desktop version of Telegram (tdesktop) for Windows, Mac, Linux, and Telegram Messenger for Windows apps that exposed and recorded the IP address of a user by default while taking a call due to its peer-to-peer (P2P) framework. The app leaked both public and private IP addresses during voice calls. Although users can disable P2P calls option in iOS and Android, they do not have an option to turn off the feature in the desktop client of the app and its Windows application....