Cybernews researchers have uncovered critical misconfigurations on two Tencent Cloud subdomains that exposed sensitive credentials and internal source code for months, posing risks to millions of Tencent Cloud users.
Tencent Cloud is one of the largest global cloud providers, serving over 10 million users worldwide across gaming, finance, communications, and enterprise sectors.
Key takeaways:
- One of the affected services was related to Tencent’s internal load balancer, and another subdomain was a deployment of JEECG, an open-source development platform promoted by Tencent Cloud.
- The hardcoded credentials appeared to grant direct access to Tencent Cloud’s administrative console.
- The environment files with hardcoded administrative console credentials and the .git directory have been publicly accessible for months.
- The exposed passwords were also weak and vulnerable to dictionary attacks. They were composed using the company name, the year, and some symbols.
- Tencent acknowledged it as a “known issue” and closed access.
Leak significance
A malicious actor with access to the misconfigured files and directories could potentially:
- Gain full administrative access to the production systems
- Tamper with internal API services
- Attach malicious payloads to the trusted front-end code
- Pivot further into Tencent’s internal cloud infrastructure
- Or simply abuse the trusted Tencent domain for malicious phishing campaigns
To read the full research, please click here.
Like this:
Like Loading...
Related
This entry was posted on August 27, 2025 at 11:54 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Major cloud provider Tencent Cloud exposes sensitive credentials
Cybernews researchers have uncovered critical misconfigurations on two Tencent Cloud subdomains that exposed sensitive credentials and internal source code for months, posing risks to millions of Tencent Cloud users.
Tencent Cloud is one of the largest global cloud providers, serving over 10 million users worldwide across gaming, finance, communications, and enterprise sectors.
Key takeaways:
Leak significance
A malicious actor with access to the misconfigured files and directories could potentially:
To read the full research, please click here.
Share this:
Like this:
Related
This entry was posted on August 27, 2025 at 11:54 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.