TTPwire Vol. 1 · MITRE ATT&CK·Tagged

OffSec

CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability

OffSec Team · 2026-01-30

ATT&CK techniques detected

7 predictions
T1190 Exploit Public-Facing Application · 92%
". command below establishes a root shell on the target. user = ' - f root ' telnet - a < ipaddr > this vulnerability has a cvss score of 9. 8 and an epss score of 29 %, indicating critical severity with high exploitation likelihood. the flaw existed undetected for over 11 years s…"
T1190 Exploit Public-Facing Application · 89%
"cve id : cve - 2026 - 24061 - severity : critical - cvss score : 9. 8 - epss score : 29 % - published : january 19, 2026 - impact : remote code execution as root - attack vector : network - authentication required : no - vulnerable component : gnu inetutils telnetd from 1. 9. 3 t…"
T1190 Exploit Public-Facing Application · 89%
"cve - 2026 - 24061 – gnu inetutils telnetd authentication bypass vulnerability jan 30, 2026 cve - 2026 - 24061 – gnu inetutils telnetd authentication bypass vulnerability cve - 2026 - 24061 enables unauthenticated attackers to exploit gnu telnetd and gain immediate root shells ov…"
T1190 Exploit Public-Facing Application · 75%
"( local _ hostname ) ) ; case ' l ' : return xstrdup ( sanitize ( line ) ) ; case ' t ' : q = strchr ( line + 1, ' / ' ) ; if ( q ) q + + ; else q = line ; return xstrdup ( sanitize ( q ) ) ; case ' t ' : return terminaltype? xstrdup ( sanitize ( terminaltype ) ) : null ; case ' …"
T1027.001 Binary Padding · 59%
"? xstrdup ( user _ name ) : null ; case ' u ' : return getenv ( " user " )? xstrdup ( getenv ( " user " ) ) : xstrdup ( " " ) ; a new function called sanitize has been added and sanitization checks for potential entry points was added, telnetd / utility. c, static char * sanitize…"
T1190 Exploit Public-Facing Application · 44%
", or cause service disruption. organizations with exposed vulnerable telnetd instances should assume potential compromise until systems are patched and investigated. mitigation - immediate actions : - update gnu inetutils to version 2. 7 - 2 or later - if patching isn ’ t possibl…"
T1190 Exploit Public-Facing Application · 34%
"from a 2015 commit that added a % u placeholder to the login command template. this placeholder is replaced with the user environment variable, which clients can set through the telnet protocol ’ s new _ environ option during connection negotiation. the problem is that telnetd pe…"

Summary

CVE-2026-24061 enables unauthenticated attackers to exploit GNU telnetd and gain immediate root shells over the network.

The post CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability appeared first on OffSec.