SUSE CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon telnetd that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061 , is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and...

Exploit for CVE-2026-24061

CVE-2026-24061 GNU inetutils-telnetd Remote Authentication By...

VulnCheck KEV: CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

CVE-2026-24061

Summary: CVE-2026-24061 affects GNU Inetutils’ telnetd (up to 2.7) and enables remote authentication bypass by setting the USER environment variable to "-f root". This can lead to unauthorized root access if telnetd is reachable. What’s affected (per provided docs): inetutils telnetd; GNU Inetuti...

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

GNU Inetutils 参数注入漏洞

GNU InetUtils telnetd is a telnet service daemon in the GNU InetUtils suite that listens on TCP port 23 and provides clients with plaintext terminal access based on the Telnet protocol. A remote authentication bypass vulnerability exists in GNU InetUtils Telnetd, which can be exploited to bypass...

PT-2026-3756

Name of the Vulnerable Software and Affected Versions GNU Inetutils versions 1.9.3 through 2.7 Description GNU Inetutils telnetd is vulnerable to a remote authentication bypass. An attacker can exploit this flaw by manipulating the USER environment variable, specifically by setting it to "-f root...

Astra Linux - уязвимость в inetutils

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

EUVD-2021-27668

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-39028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical...

EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1948)

According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...

EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1975)

According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...

Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1948)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU Inetutils Elevation of Privilege Vulnerability

GNU Inetutils is a collection of network tools from the GNU Project that contains common network management programs such as traceroute, hostname, ifconfig, and others. The toolset is mainly used for functions such as network diagnostics, configuration and system information query. An elevation o...

CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

CVE-2023-40303

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...

Privilege escalation

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...