CVE-2026-0778

CVE-2026-0778 concerns Enel X JuiceBox 40 Telnet service. The Telnet daemon, listening on TCP 2000, lacks authentication before allowing remote connections, enabling network-adjacent attackers to execute arbitrary code with the service account context. Documents from ZDI, Red Hat, NVD, CVE listin...

Enel X JuiceBox 40: Access control error vulnerability

The Enel X JuiceBox 40 is a household electric vehicle charging station developed by the American company Enel X. The Enel X JuiceBox 40 has a access control vulnerability, which stems from the lack of authentication in the Telnet service. This vulnerability may lead to remote code execution...

Exploit for CVE-2026-24061

CVE-2026-24061 Telnet RCE Exploit - By SafeBreach Labs This s...

Exploit for CVE-2026-24061

CVE-2026-24061 GNU inetutils-telnetd Remote Authentication By...

gnu_telnetd_auth_bypass

GNU telnetd Authentication Bypass Vulnerability PoC Vulnerabili...

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

MiracleLinux 8 : telnet-0.17-73.el8.1 (AXSA:2020-158:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-158:03 advisory. telnet-server: no bounds checks in nextitem function allows to remotely execute arbitrary code CVE-2020-10188 Tenable has extracted the preceding description...

MiracleLinux 4 : telnet-0.17-49.AXS4 (AXSA:2020-4689:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4689:02 advisory. telnet-server: no bounds checks in nextitem function allows to remotely execute arbitrary code CVE-2020-10188 Tenable has extracted the preceding description...

MiracleLinux 8 : curl-7.61.1-22.el8 (AXSA:2021-2762:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2762:06 advisory. curl: Leak of authentication credentials in URL via automatic Referer CVE-2021-22876 curl: TELNET stack contents disclosure CVE-2021-22898 curl:...

PT-2026-3756

Name of the Vulnerable Software and Affected Versions GNU Inetutils versions 1.9.3 through 2.7 Description GNU Inetutils telnetd is vulnerable to a remote authentication bypass. An attacker can exploit this flaw by manipulating the USER environment variable, specifically by setting it to "-f root...

MiracleLinux 4 : krb5-appl-1.0.1-10.AXS4 (AXSA:2020-4695:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4695:01 advisory. telnet-server: no bounds checks in nextitem function allows to remotely execute arbitrary code CVE-2020-10188 Tenable has extracted the preceding description...

VulnCheck KEV: CVE-2025-0890

UNSUPPORTED WHEN ASSIGNED Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but...

MiracleLinux 7 : telnet-0.17-65.el7 (AXSA:2020-4688:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4688:01 advisory. telnet-server: no bounds checks in nextitem function allows to remotely execute arbitrary code CVE-2020-10188 Tenable has extracted the preceding description...

CVE-2021-47796

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...

CVE-2021-47796

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...

Denver SHC-150 Trust Management Vulnerability

The Denver SHC-150 is an indoor surveillance camera produced by the Danish company Denver. The Denver SHC-150 has a trust management vulnerability, which stems from hard-coded telnet credentials. This vulnerability could allow unauthenticated attackers to access the Linux shell...

CVE-2021-47796

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...

CVE-2021-47796 Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...

CVE-2021-47796

CVE-2021-47796 affects the Denver SHC-150 Smart Wifi Camera. It exposes a hardcoded telnet credential allowing unauthenticated access to a Linux shell over port 23, enabling arbitrary command execution on the device. The CVSS metrics in the provided records indicate CRITICAL impact (high confiden...

CVE-2021-47796 Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...