Find notable cyber news and cases, enriched with sources, timelines, and signals.
Vulnerability

Remote telnetd bypass reaches root on GNU InetUtils

Updated 14.02.2026 18:02
Case score 59
Case score 59 Members 1 Latest activity 14.02.2026 18:02
Active exploitation Patch available CVSS: 9.8 Critical
Members 1 First seen 22.01.2026 18:30 Last seen 22.01.2026 18:30 Updated 14.02.2026 18:02

Overview

A critical remote authentication bypass in **GNU InetUtils telnetd** lets remote clients skip login and reach **root** on affected releases. **CVE-2026-24061** affects **GNU InetUtils 1.9.3 through 2.7**, and probing has already been observed from multiple countries after disclosure. Patch, restrict telnet to trusted clients, or disable telnetd; a custom `login(1)` that rejects `-f` is another mitigation. Available evidence confirms active probing, but successful compromise and victim counts are not established.

Signals

4 derived
Impact signals
Exploitation
Exploitation Active exploitation CVSS 9.8 Critical
CVEs/products
CVE
Remediation
Remediation Patch available

Member happenings

1 related
Vulnerability GNU InetUtils telnetd remote authentication bypass (CVE-2026-24061)
Updated 22.01.2026 18:30 Lead Contribution 59
Exploitation Active Exploitation CVSS 9.8 Critical Patch Patch Available

A **critical remote authentication bypass** in **GNU InetUtils telnetd** lets attackers skip login and reach **root access** on affected releases. The flaw is tracked as **CVE-2026-24061** and affects **GNU InetUtils 1.9.3 through 2.7**. Attackers can send a crafted `USER` value of **`-f root`** with telnet `-a` or `--login` to abuse how `login(1)` processes the request. **GreyNoise** has already seen **21 IPs** probing the issue in the last **24 hours**, signaling active abuse pressure.