6479 matches found
CVE-2026-22320
A stack-based buffer overflow in the CLI’s TFTP file-transfer command handling can be triggered by a low-privileged attacker with Telnet/SSH access by supplying an unexpected or oversized filename input. This memory corruption affects the internal buffer, rendering the CLI and web dashboard unava...
PT-2026-26036
A stack-based buffer overflow in the CLI's TFTP file‑transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized filename input. Exploitation results in the corruption of the internal buffer, causing the CLI a...
CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'
Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c'...
CVE-2026-23759 Perle IOLAN STS/SCS Authenticated Command Injection via 'shell ps'
Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command does not perform proper argument sanitization and passes user-supplied parameters into an 'sh -c'...
CVE-2026-23759
CVE-2026-23759 affects Perle IOLAN STS/SCS terminal server models with firmware earlier than 6.0. The issue is an authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell's handling of the ps subcommand does not sanitize arguments, passing user-supplied p...
EUVD-2026-12154
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
DEBIAN-CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
UBUNTU-CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
GNU Inetutils 安全漏洞
GNU Inetutils is a set of common network programs from the GNU community in the United States. Versions of GNU Inetutils 2.7 and earlier contained security vulnerabilities, which stemmed from the telnet protocol allowing servers to read arbitrary environment variables from clients through...
Linux Distros Unpatched Vulnerability : CVE-2026-32772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR. CVE-2026-32772 Note that...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
CVE-2026-32772 affects the inetutils telnet implementation (GNU inetutils) up to version 2.7. The issue allows a server to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR, leading to information disclosure. Debians advisories (DSA-6193-1, dla-4527-1) note that fixes...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32746
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full...
Linux Distros Unpatched Vulnerability : CVE-2026-32746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check...
EUVD-2026-11655
A command injection vulnerability has been identified in the Telnet command-line interface CLI of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute...