Back to KEVs

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Basic Information

CVE State: PUBLISHED
Reserved Date: January 21, 2026
Published Date: January 21, 2026
Last Updated: March 25, 2026
Vendor: GNU
Product: Inetutils
Description: telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
Tags

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2026-06-01 10:49:50 UTC) Source
Proof of Concept Available: Yes (added 2026-01-28 00:27:09 UTC) Source

References

https://www.openwall.com/lists/oss-security/2026/01/20/2 https://www.openwall.com/lists/oss-security/2026/01/20/8 https://www.gnu.org/software/inetutils/ https://lists.gnu.org/archive/html/bug-inetutils/2026-01/msg00004.html https://codeberg.org/inetutils/inetutils/commit/fd702c02497b2f398e739e3119bed0b23dd7aa7b https://codeberg.org/inetutils/inetutils/commit/ccba9f748aa8d50a38d7748e2e60362edd6a32cc https://www.vicarius.io/vsociety/posts/cve-2026-24061-detection-script-remote-authentication-bypass-in-gnu-inetutils-package https://www.vicarius.io/vsociety/posts/cve-2026-24061-mitigation-script-remote-authentication-bypass-in-gnu-inetutils-package

Known Exploited Vulnerability Information

Source	Added Date
CVE	2026-06-01 10:49:50 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Gabs-hub/CVE-2026-24061_Lab

Type: github • Created: 2026-01-28 00:27:09 UTC • Stars: 0

Lab to show the CVE-2026-24061

novitahk/Exploit-CVE-2026-24061

Type: github • Created: 2026-01-27 20:04:40 UTC • Stars: 0

Payload CVE-2026-24061

androidteacher/CVE-2026-24061-PoC-Telnetd

Type: github • Created: 2026-01-27 14:24:19 UTC • Stars: 0

FurkanKAYAPINAR/CVE-2026-24061-telnet2root

Type: github • Created: 2026-01-27 08:32:42 UTC • Stars: 1

LucasPDiniz/CVE-2026-24061

Type: github • Created: 2026-01-26 20:46:49 UTC • Stars: 0

Vulnerability in GNU InetUtils telnetd Enables Remote Root Access

XsanFlip/CVE-2026-24061-Scanner

Type: github • Created: 2026-01-26 07:47:36 UTC • Stars: 0

CVE-2026-24061-Scanner by XsanLahci

ms0x08-dev/CVE-2026-24061-POC

Type: github • Created: 2026-01-25 19:22:38 UTC • Stars: 0

infat0x/CVE-2026-24061

Type: github • Created: 2026-01-25 10:40:00 UTC • Stars: 1

CVE-2026-24061 PoC

Mefhika120/Ashwesker-CVE-2026-24061

Type: github • Created: 2026-01-25 08:51:17 UTC • Stars: 0

CVE-2026-24061

typeconfused/CVE-2026-24061

Type: github • Created: 2026-01-25 07:33:48 UTC • Stars: 0

GNU telnetd service from GNU InetUtils authentication-bypass

Alter-N0X/CVE-2026-24061-POC

Type: github • Created: 2026-01-24 23:21:56 UTC • Stars: 0

CVE-2026-24061 - GNU InetUtils telnetd authentication bypass POC + Docker lab environment for testing

shivam-bathla/CVE-2026-24061-setup

Type: github • Created: 2026-01-24 19:03:06 UTC • Stars: 4

Docker setup for CVE-2026-24061

BrainBob/CVE-2026-24061

Type: github • Created: 2026-01-24 15:11:28 UTC • Stars: 0

Mr-Zapi/CVE-2026-24061

Type: github • Created: 2026-01-24 13:18:54 UTC • Stars: 0

Nuclei template for CVE-2026-24061

z3n70/CVE-2026-24061

Type: github • Created: 2026-01-24 08:09:02 UTC • Stars: 0

SystemVll/CVE-2026-24061

Type: github • Created: 2026-01-23 17:26:43 UTC • Stars: 5

Proof of Concept: CVE-2026-24061 is a critical authentication bypass vulnerability in GNU inetutils-telnetd allowing unauthenticated remote attackers to gain instant root shell access via malicious NEW_ENVIRON telnet option exploitation.