Security News

Cybersecurity news aggregator

🔓
HIGH Vulnerabilities CISA KEV

CVE-2026-24061: GNU InetUtils Argument Injection Vulnerability

cve-2026-24061gnu-inetutilstelnetdcommand-injectionmitre-ta0001
GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass. The vulnerability can be exploited by setting the USER environment variable to '-f root'.
Read Full Article →

Vendor: GNU Product: InetUtils Description: GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass via a "-f root" value for the USER environment variable. Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due Date: 2026-02-16

Related Articles

CRITICAL Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access The Hacker News HIGH USN-7992-1: Inetutils vulnerability Ubuntu Security CRITICAL Ancient telnet bug happily hands out root to attackers The Register Security CRITICAL GLSA 202601-01: inetutils: Remote Code Execution Gentoo GLSA
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn