CVE-2024-7014
HIGH EXPLOITEDTelegram < 10.14.5 - Improper Input Validation
Title source: ruleDescription
EvilVideo vulnerability allows sending malicious apps disguised as videos in Telegram for Android application affecting versions 10.14.4 and older.
Exploits (2)
nomisec
WORKING POC
13 stars
by absholi7ly · client-side
https://github.com/absholi7ly/PoC-for-CVE-2024-7014-Exploit
Scores
CVSS v3
8.1
EPSS
0.1755
EPSS Percentile
95.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Details
VulnCheck KEV
2024-07-22
CWE
CWE-20
Status
published
Products (1)
telegram/telegram
< 10.14.5
Published
Jul 23, 2024
Tracked Since
Feb 18, 2026