Latest GNU inet-utils telnetd server vulnerability #
Simon Josefsson has reported a vulnerability in the GNU inet-utils telnetd server. GNU inet-utils (InetUtils) is a collection of Internet-related servers and utilities. It is most commonly deployed on Linux systems.
GNU telnetd contains an authentication bypass vulnerability in its handling of user-supplied environment variables. A specially crafted $USER environment variable can bypass authentication and allow a remote, unauthenticated attacker to access a vulnerable system with the privileges of any known user, including root.
This vulnerability has been assigned CVE-2026-24061 and has a CVSS score of 9.8 (Critical).
The following versions are affected:
- GNU inet-utils telnetd versions 1.9.3 and higher
What is telnetd? #
GNU inet-utils telnetd provides a server for the standard Telnet protocol. Telnet is a legacy remote-access protocol that transmits credentials and session data in cleartext and has been largely supplanted by SSH and other, more secure, protocols. However, Telnet is still widely used on low-power or legacy devices.
What is the impact? #
Successful exploitation of this vulnerability would allow a remote, unauthenticated adversary to bypass authentication on a vulnerable host and obtain a session as any known local user, including root, without valid credentials.
Are updates or workarounds available? #
There is currently no patched version available. Users are advised to disable telnetd where possible and, where it must remain, to ensure proper network access controls are in place so that TCP port 23 is reachable only from trusted management networks.
How to find potentially vulnerable systems with runZero #
From the Asset inventory, use the following query to locate potentially vulnerable assets:
_asset.protocol:=telnet AND protocol:=telnet AND os:Linux AND banner:="%login:" AND NOT banner:busybox
Note that this query will locate many Telnet services running on Linux hosts; GNU inet-utils telnetd is one of the most common Telnet servers deployed on Linux systems, but this query may discover other Telnet servers as well.
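For environments without runZero, the same triage can be done from the command line. The script below is an added example, not runZero's code and not part of the original advisory: it strips Telnet option negotiation (IAC sequences) from a raw port-23 banner, then applies the same heuristic as the query above, keeping Linux hosts whose banner contains a "login:" prompt and does not mention BusyBox. The three banners in SAMPLES are constructed for the example; the option bytes in the first one (TERMINAL-TYPE, TSPEED, XDISPLOC, NEW-ENVIRON) are the options inetutils telnetd is known to request, but the surrounding text is invented. grab_banner() is a best-effort live fetch and needs network access; everything else runs offline.

```python
"""Triage Telnet banners for GNU inet-utils telnetd-like services.

Added example; not part of the original advisory or the runZero product.
SAMPLES below are constructed test banners, not captures from real hosts.
"""
import socket

IAC, SB, SE = 0xFF, 0xFA, 0xF0
# WILL, WONT, DO, DONT: each is IAC <cmd> <option>, three bytes in total.
NEGOTIATION = {0xFB, 0xFC, 0xFD, 0xFE}


def strip_telnet_negotiation(raw: bytes) -> str:
    """Remove IAC command sequences so only the readable banner text remains."""
    out = bytearray()
    i = 0
    while i < len(raw):
        b = raw[i]
        if b != IAC:
            out.append(b)
            i += 1
            continue
        if i + 1 >= len(raw):          # dangling IAC at end of buffer
            break
        cmd = raw[i + 1]
        if cmd == IAC:                  # IAC IAC is an escaped literal 0xFF
            out.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:        # IAC DO/DONT/WILL/WONT <option>
            i += 3
        elif cmd == SB:                 # IAC SB ... IAC SE (subnegotiation)
            end = raw.find(bytes([IAC, SE]), i + 2)
            i = len(raw) if end < 0 else end + 2
        else:                           # other two-byte commands (NOP, GA, ...)
            i += 2
    # latin-1 never fails to decode, so odd bytes do not abort triage.
    return out.decode("latin-1")


def looks_like_gnu_telnetd(banner: str, os_name: str) -> bool:
    """Heuristic mirroring the runZero query: Linux, a login: prompt, not BusyBox.

    Like the query, this is a triage filter, not a fingerprint: other Linux
    Telnet daemons will also match and must be confirmed by hand.
    """
    text = banner.lower()
    return ("linux" in os_name.lower()
            and "login:" in text
            and "busybox" not in text)


def triage(samples):
    """Return (os_name, cleaned_banner) for each sample the heuristic keeps."""
    kept = []
    for os_name, raw in samples:
        banner = strip_telnet_negotiation(raw)
        if looks_like_gnu_telnetd(banner, os_name):
            kept.append((os_name, banner))
    return kept


def grab_banner(host: str, port: int = 23, timeout: float = 3.0) -> bytes:
    """Best-effort raw banner fetch; stops at a login prompt or on timeout.

    Real telnetd implementations may wait for negotiation replies before
    printing the prompt, so a short or empty result is possible.
    """
    chunks = []
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.settimeout(timeout)
        try:
            while True:
                data = s.recv(1024)
                if not data:
                    break
                chunks.append(data)
                if b"login:" in b"".join(chunks):
                    break
        except socket.timeout:
            pass
    return b"".join(chunks)


# Constructed samples (OS as an inventory would report it, raw bytes from port 23).
SAMPLES = [
    # inetutils-style: DO TERMINAL-TYPE, DO TSPEED, DO XDISPLOC, DO NEW-ENVIRON,
    # then a distro banner and a login prompt from /bin/login.
    ("Linux", b"\xff\xfd\x18\xff\xfd\x20\xff\xfd\x23\xff\xfd\x27"
              b"\r\nDebian GNU/Linux 12\r\nhost login: "),
    # BusyBox telnetd: excluded by the NOT banner:busybox clause.
    ("Linux", b"\xff\xfb\x01\xff\xfb\x03\xff\xfd\x18\xff\xfd\x1f"
              b"\r\nBusyBox v1.36.1 built-in shell\r\nhost login: "),
    # Non-Linux host: excluded by the os:Linux clause.
    ("Windows", b"Welcome to Microsoft Telnet Service \r\n\r\nlogin: "),
]

if __name__ == "__main__":
    for os_name, banner in triage(SAMPLES):
        print(f"candidate: os={os_name} banner={banner!r}")
```

To use it against a real inventory, replace SAMPLES with (os_name, grab_banner(host)) pairs and confirm each candidate by checking the installed package on the host (for example `dpkg -l inetutils-telnetd` or `rpm -q inetutils` on the host itself), since the banner alone cannot distinguish inetutils telnetd from other Linux Telnet servers.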