THREAT OPS › CVEs › CVE-2026-24061
CVE-2026-24061 — GNU InetUtils Argument Injection Vulnerability
GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass via a "-f root" value for the USER environment variable.
Vulnerability details
- Affected productsInetUtils
- KEV remediation due2026-02-16