CVE-2026-24061

Published Jan 21, 2026

Last updated 3 months ago

Exploit knownCVSS critical 9.8
telnetd
Network
OT
IoT
Tunneling protocol

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-24061 is an authentication bypass vulnerability affecting the Telnet service provided by GNU Inetutils through version 2.7. This flaw allows an unauthenticated remote attacker to bypass standard authentication checks and gain access to the Telnet service. The vulnerability arises from the `telnetd` process improperly validating the `USER` environment variable supplied by the client when it calls `/usr/bin/login`. Specifically, by crafting a malicious `USER` environment variable with a value like "-f root" and using the `telnet -a` or `--login` option, an attacker can trick the `login` program into skipping authentication, thereby granting access to the target host, potentially with root privileges. This issue is particularly relevant for systems running vulnerable versions of GNU Inetutils with Telnet enabled and exposed, including legacy Unix/Linux servers, embedded systems, and development environments.

Description
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
Source
cve@mitre.org
NVD status
Analyzed
Products
inetutils, debian_linux

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
GNU InetUtils Argument Injection Vulnerability
Exploit added on
Jan 26, 2026
Exploit action due
Feb 16, 2026
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve@mitre.org
CWE-88

Social media

Hype score
Not currently trending

  1. 🔸 45[.]137[.]70[.]27:8080 #opendir 🔎 → CVE-2026-24061 (Telnetd Auth Bypass) → CVE-2024-3721 (TBK DVR Command Injection) → CVE-2024-10443 (Synology RCE via Crontab) https://t.co/ybGabCZnj3

    @1ZRR4H

    27 Mar 2026

    6552 Impressions

    20 Retweets

    83 Likes

    60 Bookmarks

    0 Replies

    0 Quotes

  2. Top 5 Trending CVEs: 1 - CVE-2025-43529 2 - CVE-2026-1281 3 - CVE-2026-24858 4 - CVE-2024-12084 5 - CVE-2026-24061 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    1 Feb 2026

    187 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CISA Adds Exploited Microsoft Office, Linux Kernel, Telnetd, and SmarterMail Flaws to KEV — Feb 16 Patch Deadline CISA added five vulnerabilities (CVE-2026-21509, CVE-2018-14634, CVE-2026-24061, CVE-2025-52691, CVE-2026-23760) to the KEV catalog, requiring U.S. federal

    @ThreatSynop

    29 Jan 2026

    155 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Top 5 Trending CVEs: 1 - CVE-2025-0072 2 - CVE-2026-23760 3 - CVE-2025-27237 4 - CVE-2024-37079 5 - CVE-2026-24061 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    27 Jan 2026

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Top 5 Trending CVEs: 1 - CVE-2025-62186 2 - CVE-2023-28206 3 - CVE-2026-21962 4 - CVE-2026-24061 5 - CVE-2026-23760 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    26 Jan 2026

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Top 5 Trending CVEs: 1 - CVE-2026-22812 2 - CVE-2024-37079 3 - CVE-2026-24061 4 - CVE-2025-56005 5 - CVE-2025-5419 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    25 Jan 2026

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 January Linux Patch Wednesday: 918 vulns fixed (616 kernel), 3 exploited (telnetd CVE-2026-24061, Safari CVE-2025-43529, Chromium CVE-2025-14174) + 97 with public exploits. #LinuxPatchWednesday #Linux #Vulristics ➡️ https://t.co/bxPByH2r6f https://t.co/35uge0Gkbg

    @leonov_av

    24 Jan 2026

    133 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. CVE-2026-25254
  2. Palo Alto Networks PAN-OS Out-of-bounds Write VulnerabilityCVE-2026-0300
  3. A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of a targeted device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device.CVE-2026-20034
  4. A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.CVE-2026-20035
  5. Memory corruption while processing IOCTL command when device is in power-save state.CVE-2026-25266

References

Sources include official advisories and independent security research.