GNU Inetutils Telnetd Authentication Bypass (CVE-2026-24061)
Overview
GNU Inetutils Telnetd Authentication Bypass, tracked as CVE-2026-24061, affects the telnetd service in GNU Inetutils. Telnet is an older remote access protocol, but exposed or internally reachable telnet services still create high-risk access paths when authentication can be bypassed.
Vulnerability Overview
CVE-2026-24061 is an argument injection vulnerability in GNU Inetutils telnetd. The issue occurs because user-controlled environment data can be passed to the login program in a way that changes authentication behavior.
The official CVE record describes a remote authentication bypass through the USER environment variable, which allows remote access without the expected password-based authentication flow.
Impact
The vulnerability is rated Critical with a CVSS 3.1 score of 9.8. Successful exploitation can allow remote authentication bypass and root-level access on affected systems.
CVE-2026-24061 is listed in the CISA Known Exploited Vulnerabilities catalog, indicating active exploitation and making exposed telnet services a priority for remediation.
Vulnerability Scope
The affected range is GNU Inetutils 1.9.3 through 2.7. Distribution packages may have their own backported fixes, so administrators should check both upstream and operating system security advisories.
The highest-risk deployments are systems with GNU Inetutils telnetd reachable from untrusted networks or legacy internal networks where telnet remains enabled.
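A triage helper for the range above, added here as an example (it is not part of the advisory or of GNU Inetutils). It reduces a package version string to its upstream part and tests it against 1.9.3 through 2.7. The function names, the sample version strings, and the reliance on a sort that supports -V are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the advisory): compare a GNU Inetutils version
# with the affected upstream range given above, 1.9.3 through 2.7.
# Assumes a sort(1) that supports -V (GNU coreutils).

AFFECTED_MIN="1.9.3"
AFFECTED_MAX="2.7"

# Reduce a package version to its upstream part: drop a leading epoch
# ("2:") and anything from the first "-", "+" or "~" (packaging revision).
upstream_version() {
    v=${1#*:}
    v=${v%%[-+~]*}
    case $v in
        ''|*[!0-9.]*|.*|*.) return 1 ;;   # not a dotted numeric version
    esac
    printf '%s\n' "$v"
}

# version_le A B: succeeds when A <= B in version order.
version_le() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Returns 0 = inside the affected range, 1 = outside, 2 = unparseable.
# A 0 result means "check the vendor advisory": a distribution package can
# carry a backported fix without changing its upstream version number.
in_affected_range() {
    up=$(upstream_version "$1") || return 2
    version_le "$AFFECTED_MIN" "$up" && version_le "$up" "$AFFECTED_MAX"
}

# Constructed sample version strings, not taken from any real host.
for sample in 1.9.2 1.9.3 2.4 "2:2.4-3" 2.7 2.7.1 2.8 unknown; do
    rc=0
    in_affected_range "$sample" || rc=$?
    case $rc in
        0) echo "$sample: in affected range, check vendor advisory for a backport" ;;
        1) echo "$sample: outside affected range" ;;
        *) echo "$sample: could not parse version" ;;
    esac
done
```

An in-range result is a prompt to read the distribution's security advisory, not proof that the host is vulnerable.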
Lab Focus
This Hackviser lab focuses on understanding how argument injection in an authentication boundary can bypass login controls. You will practice identifying affected GNU Inetutils versions, recognizing the risk of legacy remote access services, and mapping authentication bypass impact to service hardening.
