Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM SGNL (aka Archive Signal) app with the credentials of logfile for the user and enRR8UVVywXYbFkqU#QDPRkO for the password.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
TeleMessage archiving backend 安全漏洞
Vulnerability Description
TeleMessage archiving backend是以色列TeleMessage公司的一个企业级通信归档平台,支持短信/语音/社交媒体的合规存储与审计。 TeleMessage archiving backend 2025-05-05及之前版本存在安全漏洞,该漏洞源于API调用使用硬编码凭据,可能导致身份验证绕过。
CVSS Information
N/A
Vulnerability Type
N/A