Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/06/26 8:18 p.m.16 views

CVE-2025-52572

Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web...

10CVSS8.1AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/26 8:18 p.m.16 views

CVE-2025-52571

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known...

9.6CVSS7.4AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2025/06/24 8:10 p.m.20 views

CVE-2025-52572

Hikka (Telegram userbot) is affected by an RCE/account-takeover vulnerability via the web interface. If the web UI has no authenticated session, an attacker can abuse access via their own Telegram account to gain RCE on the server. If an authenticated session exists, users may be tricked into app...

10CVSS8AI score0.00619EPSS
Exploits0References2
CVE
CVE
added 2025/06/24 8:7 p.m.27 views

CVE-2025-52571

Hikka is a Telegram userbot vulnerable to an unauthenticated credential/remote access issue in all versions below 1.6.2. The root cause enables an attacker to gain access to a victim’s Telegram account and full control of the server. The vulnerability is patched in version 1.6.2; no public workar...

9.6CVSS7.3AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/24 8:7 p.m.5 views

CVE-2025-52571 Hikka vulnerable to RCE through edits in a channel

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known...

9.6CVSS7.3AI score0.00284EPSS
Exploits0References2
Rows per page
Query Builder