Lucene search
+L

568 matches found

cnvd
cnvd
added 2026/01/22 12:0 a.m.15 views

GNU InetUtils Telnetd Remote Authentication Bypass Vulnerability

GNU InetUtils telnetd is a telnet service daemon in the GNU InetUtils suite that listens on TCP port 23 and provides clients with plaintext terminal access based on the Telnet protocol. A remote authentication bypass vulnerability exists in GNU InetUtils Telnetd, which can be exploited to bypass...

9.8CVSS5.9AI score0.98871EPSS
Exploits62References1
ncsc
ncsc
added 2026/01/21 2:15 p.m.9 views

Vulnerability fixed in GNU Inetutils telnetd

Security researchers have found a a vulnerability in Inetutils telnetd version 2.7. This vulnerability has been present since version 1.9.3 that came out in 2015, according to the researchers. The vulnerability is in the way the telnetd service handles the USER environment variable. By setting th...

9.8CVSS5.7AI score0.98871EPSS
Exploits62References4
nvd
nvd
added 2026/01/21 7:16 a.m.22 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS0.98871EPSS
Exploits62References13
osv
osv
added 2026/01/21 7:16 a.m.2 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS5.8AI score0.98871EPSS
Exploits62References13
ubuntucve
ubuntucve
added 2026/01/21 7:16 a.m.10 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS7.3AI score0.98871EPSS
Exploits62References8
osv
osv
added 2026/01/21 7:16 a.m.6 views

UBUNTU-CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS7.4AI score0.98871EPSS
Exploits62References9
attackerkb
attackerkb
added 2026/01/21 6:42 a.m.1 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS5.4AI score0.98871EPSS
In wildExploits62References7Affected Software1
vulnrichment
vulnrichment
added 2026/01/21 6:42 a.m.3 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS5.5AI score0.98871EPSS
Exploits62References8
cve
cve
added 2026/01/21 6:42 a.m.503 views

CVE-2026-24061

Summary: CVE-2026-24061 affects GNU Inetutils’ telnetd (up to 2.7) and enables remote authentication bypass by setting the USER environment variable to "-f root". This can lead to unauthorized root access if telnetd is reachable. What’s affected (per provided docs): inetutils telnetd; GNU Inetuti...

9.8CVSS5.5AI score0.98871EPSS
In wildExploits62References13Affected Software1
cvelist
cvelist
added 2026/01/21 6:42 a.m.39 views

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

9.8CVSS0.98871EPSS
Exploits62References8
cnnvd
cnnvd
added 2026/01/21 12:0 a.m.8 views

GNU Inetutils 参数注入漏洞

GNU InetUtils telnetd is a telnet service daemon in the GNU InetUtils suite that listens on TCP port 23 and provides clients with plaintext terminal access based on the Telnet protocol. A remote authentication bypass vulnerability exists in GNU InetUtils Telnetd, which can be exploited to bypass...

9.8CVSS7.4AI score0.98871EPSS
Exploits62References7
nessus
nessus
added 2026/01/19 12:0 a.m.6 views

MiracleLinux 3 : krb5-1.6.1-63.AXS3 (AXSA:2012-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-05:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext...

10CVSS6.4AI score0.95104EPSS
Exploits19References2
redhatcve
redhatcve
added 2026/01/09 10:57 a.m.6 views

CVE-2022-38556

Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d/S80telnetd.sh...

9.8CVSS6.9AI score0.00955EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.6 views

PT-2026-25339

GNU inetutils telnetd versions prior to 2.8 Description A buffer overflow exists in the LINEMODE SLC Set Local Characters suboption handler of the telnetd daemon. The issue occurs because the add slc function does not verify if the buffer is full before copying data, leading to an out-of-bounds...

10CVSS8.1AI score0.23674EPSS
Exploits8References141
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-3387

Malware in sbrugna...

10CVSS9.2AI score0.02826EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2009-0644

Malware in sbrugna...

9.3CVSS6.4AI score0.09355EPSS
Exploits1References6
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2000-1169

Malware in sbrugna...

5CVSS6.4AI score0.01657EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-0093

Malware in sbrugna...

7.2CVSS6.4AI score0.00679EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2982

Malware in sbrugna...

7.5CVSS7.6AI score0.01875EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2001-1319

Malware in sbrugna...

5CVSS6.4AI score0.01979EPSS
Exploits0References6
Rows per page
Query Builder