Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

186 matches found

Packet Storm
Packet Stormadded 2026/05/08 12:0 a.m.31 views

📄 telnetd 2.7 Buffer Overflow

telnetd version 2.7 addslc remote buffer overflow exploit that achieves root. Exploit Title: telnetd 2.7 - Buffer Overflow Google Dork: N/A Date: 2026-04-03 Exploit Author: Jeff Barron jeffaf Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils...

9.8CVSS7.7AI score0.053EPSS
Exploits8
Mageia
Mageiaadded 2026/05/07 5:6 a.m.5 views

Updated krb5-appl packages fix security vulnerability

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full. CVE-2026-32746...

9.8CVSS7.6AI score0.053EPSS
Exploits8References2
Exploit DB
Exploit DBadded 2026/05/07 12:0 a.m.38 views

telnetd 2.7 - Buffer Overflow

Exploit Title: telnetd 2.7 - Buffer Overflow Google Dork: N/A Date: 2026-04-03 Exploit Author: Jeff Barron jeffaf Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: inetutils-telnetd through 2.7 patch pending in next release Tested...

9.8CVSS7.5AI score0.053EPSS
Exploits8
NVD
NVDadded 2026/05/04 5:16 p.m.8 views

CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS0.00175EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/04 4:3 p.m.3 views

CVE-2026-42376

D-Link DIR-456U Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01dlobdir456U" read from /etc/config/imagesign. The custom telnetd...

9.8CVSS5.8AI score0.00175EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/05/04 4:0 p.m.1 views

CVE-2026-42374

D-Link DIR-600L Hardware Revision B1 End-of-Life contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61dlwbrdir600L" read from /etc/alphaconfig/imagesign. The custom telnetd binary accep...

9.8CVSS5.8AI score0.0018EPSS
Exploits1References2
EUVD
EUVDadded 2026/05/04 3:53 p.m.1 views

EUVD-2026-27021

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

8.8CVSS5.8AI score0.00062EPSS
Exploits1References1
EUVD
EUVDadded 2026/04/17 9:31 p.m.0 views

EUVD-2026-23521

Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resulting in root‑level access...

8.8CVSS6AI score0.00233EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2026/03/20 10:23 a.m.136 views

Exploit for CVE-2026-32746

CVE-2026-32746 - telnetd LINEMODE SLC Buffer Overflow Pre-aut...

9.8CVSS7.1AI score0.053EPSS
Exploits8
The Hacker News
The Hacker Newsadded 2026/03/18 12:30 p.m.14 views

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

Cybersecurity researchers have disclosed a critical security flaw impacting the GNU InetUtils telnet daemon telnetd that could be exploited by an unauthenticated remote attacker to execute arbitrary code with elevated privileges. The vulnerability, tracked as CVE-2026-32746 , carries a CVSS score...

9.8CVSS8.5AI score0.91526EPSS
Exploits65
Cvelist
Cvelistadded 2026/03/13 5:15 p.m.23 views

CVE-2026-32746

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full...

9.8CVSS0.053EPSS
Exploits8References2
GithubExploit
GithubExploitadded 2026/02/27 7:54 p.m.161 views

Exploit for CVE-2026-28372

CVE-2026-28372 — GNU inetutils telnetd Privilege Escalation Po...

7.4CVSS6AI score0.00009EPSS
Exploits4
NVD
NVDadded 2026/02/27 6:18 a.m.2 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS0.00009EPSS
Exploits4References9
Debian CVE
Debian CVEadded 2026/02/27 5:28 a.m.2 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS8.4AI score0.00009EPSS
Exploits4
UbuntuCve
UbuntuCveadded 2026/02/27 12:0 a.m.3 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS7.2AI score0.00009EPSS
Exploits4References5
GithubExploit
GithubExploitadded 2026/01/27 2:24 p.m.181 views

Exploit for CVE-2026-24061

CVE-2026-24061 Proof of Concept PoC ⚠️ DISCLAIMER: EDUCA...

9.8CVSS7.2AI score0.91526EPSS
Exploits58
Tenable Nessus
Tenable Nessusadded 2026/01/26 12:0 a.m.3 views

GLSA-202601-01 : inetutils: Remote Code Execution

The remote host is affected by the vulnerability described in GLSA-202601-01 inetutils: Remote Code Execution The telnetd server invokes /usr/bin/login normally running as root passing the value of the USER environment variable received from the client as the last parameter. If the client supply ...

9.8CVSS8.1AI score0.91526EPSS
Exploits58References3
GithubExploit
GithubExploitadded 2026/01/23 5:26 p.m.154 views

Exploit for CVE-2026-24061

CVE-2026-24061 GNU inetutils-telnetd - Remote Authenticati...

9.8CVSS6.4AI score0.91526EPSS
Exploits58
GithubExploit
GithubExploitadded 2026/01/22 2:27 p.m.131 views

Exploit for CVE-2026-24061

CVE-2026-24061 GNU inetutils-telnetd Remote Authentication By...

9.8CVSS5.9AI score0.91526EPSS
Exploits58
Positive Technologies
Positive Technologiesadded 2026/01/20 12:0 a.m.4 views

PT-2026-3756

Name of the Vulnerable Software and Affected Versions GNU Inetutils versions 1.9.3 through 2.7 Description GNU Inetutils telnetd is vulnerable to a remote authentication bypass. An attacker can exploit this flaw by manipulating the USER environment variable, specifically by setting it to "-f root...

10CVSS7.9AI score0.91526EPSS
Exploits58References230
Rows per page
Query Builder