The host is installed with Telegram Desktop 1.3.14 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could leak end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.