CNNVD-202506-3116 Information

CNNVD ID

CNNVD-202506-3116

Related CVE

CVE-2025-52571

• CNNVD Published: 2025-06-24

Description (Chinese)

Hikka是Daniil Gazizullin个人开发者的一个面向开发者的Telegram用户机器人。 Hikka 1.6.2之前版本存在授权问题漏洞，该漏洞源于未经验证的攻击者可获取受害者Telegram账户和服务器完全访问权限。

Description (English)

Hikka is a Telegram user robot for developers by Daniil Gazizullin’s personal developer. Prior to Hikka 1.6.2, there was a mandate gap, which stemmed from the fact that uncertified assailants had full access to the victim Telegram account and server.

Hazard Level

Low

Vulnerability Type

授权问题

Affected Vendor

Live Support

Published

2025-06-24

Last Modified

2026-02-24

References

https://github.com/hikariatama/Hikka/commit/9a0e4b1b387ef828c345c43d990421d5afcff5f6 https://github.com/hikariatama/Hikka/security/advisories/GHSA-vwpq-wm8w-44wf https://access.redhat.com/security/cve/cve-2025-52571

Patch

https://github.com/hikariatama/Hikka/releases