Critical Remote Auth Bypass in GNU telnetd (CVE-2026-24061)

Critical Remote Auth Bypass in GNU telnetd (CVE-2026-24061)

First seen 29 Jan 2026, 22:53 UTC SocprimeOffensive-SecurityUbuntuLinuxsecurityCybersecuritynews 81% similarity 56.2

Article Content

Browse articles
ThreatCluster

CVE-2026-24061 is a remote authentication bypass vulnerability in GNU InetUtils telnetd, affecting versions 1.9.3 through 2.7. An unauthenticated attacker can exploit this flaw by supplying a specially crafted USER environment variable, allowing root-level access. The vulnerability has a CVSS score of 9.8.

ThreatCluster AI

Community

Browse all →