JLSEC-2026-401

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

curl: Curl Telnet Handler Buffer Overflow

Summary: I found a buffer overflow in curl's telnet protocol handler that allows remote memory corruption without authentication. The bug is in the CURLSBACCUM macro in lib/telnet.c line 69, where the bounds check lets you write one byte past the end of a 512-byte buffer. When curl receives 512+...

CVE-2021-47796

Denver SHC-150 Smart Wifi Camera contains a hardcoded telnet credential vulnerability that allows unauthenticated attackers to access a Linux shell. Attackers can connect to port 23 using the default credential to execute arbitrary commands on the camera's operating system...

CVE-2020-24056

A hardcoded credentials vulnerability exists in Verint 5620PTZ VerintFW042, Verint 4320 V4320FW023, V4320FW031, and Verint S5120FD VerintFW042units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols...

Multi-Regional Cloud Honeypot Dataset (MURHCAD)

This data article introduces a comprehensive, high-resolution honeynet dataset designed to support standalone analyses of global cyberattack behaviors. Collected over a continuous 72-hour window June 9 to 11, 2025 on Microsoft Azure, the dataset comprises 132,425 individual attack events captured...

CVE-1999-0817

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet...

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2023-27533)

A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and telnet options during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform optio...

EUVD-2001-1424

Malware in sbrugna...

EUVD-2020-16792

Malware in sbrugna...

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

...

konsole: Konsole Remote Code Execution Vulnerability

A flaw was found in Konsole. The application's handling of URLs using scheme handlers like ssh://, telnet://, or rlogin:// allows a remote attacker to trigger arbitrary code execution. This issue occurs when a user opens a specially crafted URL, bypassing authentication checks. Consequently, a...

OS Command Exec, Unix Command Shell, Reverse TCP SSL (telnet)

Execute an OS command from PHP. Creates an interactive shell via mkfifo and telnet. This method works on Debian and other systems compiled without /dev/tcp support. This module uses the '-z' option included on some systems to encrypt using SSL. Module Options msf use...

Advisory ROSA-SA-2025-2680

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 packageevrstring: curl-7.61.1-33.0.2 CVE-ID: CVE-2023-27533 BDU-ID: 2023-02107 CVE-Crit: LOW CVE-DESC.: A vulnerability in the curl program line utility is related to communication using the TELNET protocol, which could allow an attacker to pass a...

PT-2024-41068 · Мир Кт-51 +1 · Мир Кт-51 +1

Name of the Vulnerable Software and Affected Versions: МИР КТ-51 and МИР контроллеры affected versions not specified Description: The issue is related to the implementation of the Telnet protocol in the МИР КТ-51 controller and the МИР controller configurator, which involves the transmission of...

Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication

CyberDanube Security Research 20240805-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities in JetPort Series product| Korenix JetPort Series vulnerable version| 1.2 fixed version| None CVE number| CVE-2024-7395, CVE-2024-7396,...

Advisory ROSA-SA-2024-2411

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 packageevrstring: curl-7.61.1-22.rv3.src.rpm CVE-ID: CVE-2021-22897 BDU-ID: 2022-00375 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Transport Layer Security TLS protocol implementation of the libcurl library is due to security flaws in the...

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2023-2719)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-3395)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : curl (ELSA-2023-6679)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6679 advisory. - unify the upload/method handling CVE-2023-28322 - fix host name wildcard checking CVE-2023-28321 - adapt the fix of CVE-2023-27535 for RHEL 9 curl -...

EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2023-2500)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...