Critical Telnetd Flaw - Unauthenticated Root RCE Discovered
Basically, a serious bug lets hackers control systems without needing a password.
A critical flaw in GNU InetUtils telnetd allows hackers to execute code remotely without authentication. This affects all versions up to 2.7. Immediate action is needed to prevent exploitation.
The Flaw
Cybersecurity researchers have uncovered a critical vulnerability in the GNU InetUtils telnet daemon (telnetd), identified as CVE-2026-32746. This flaw allows an unauthenticated remote attacker to execute arbitrary code with elevated privileges, making it extremely dangerous. The vulnerability arises from an out-of-bounds write in the LINEMODE Set Local Characters (SLC) suboption handler, which leads to a buffer overflow. The flaw has a CVSS score of 9.8, indicating its severity.
Discovered by Israeli cybersecurity firm Dream, this vulnerability affects all versions of the telnet service implementation up to version 2.7. Attackers can exploit this flaw by sending a specially crafted message during the initial connection handshake, before any login prompt appears. This means that a single network connection to port 23 is enough to trigger the vulnerability without requiring any credentials.
What's at Risk
The implications of this vulnerability are significant. If exploited, an attacker could gain full control of the system running telnetd, because the daemon usually runs with root privileges. This could lead to various malicious activities, including deploying persistent backdoors, stealing sensitive data, and moving laterally within a network using compromised hosts.
The SLC handler processes option negotiation during the Telnet protocol handshake. Because the flaw can be triggered before authentication, attackers can easily weaponize it right after establishing a connection. The potential for complete system compromise is alarming, especially for systems that rely on telnetd for remote access.
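For defenders who capture the client side of a Telnet session, the sketch below finds LINEMODE SLC suboptions in the pre-login byte stream and flags malformed or unusually long ones. It is an added example, not code from the article, Dream, or GNU InetUtils. The function names, the MAX_TRIPLETS heuristic and the sample bytes are assumptions; only the protocol constants come from RFC 854/855 and RFC 1184.

```python
# Added example. Protocol constants: RFC 854/855 (Telnet), RFC 1184 (LINEMODE).
IAC, SB, SE = 255, 250, 240
LINEMODE, LM_SLC = 34, 3
# Assumption: RFC 1184 defines 30 SLC function codes, so more triplets than
# that in one suboption is treated as anomalous. This is a tunable heuristic,
# not the trigger condition of CVE-2026-32746 (the article does not give it).
MAX_TRIPLETS = 30

def slc_suboptions(stream: bytes):
    """Yield the payload of each LINEMODE SLC suboption in a client stream."""
    i, n = 0, len(stream)
    while i + 1 < n:
        if stream[i] != IAC:
            i += 1
        elif stream[i + 1] != SB:
            # WILL/WONT/DO/DONT (251-254) carry one option byte; others none.
            i += 3 if 251 <= stream[i + 1] <= 254 else 2
        else:
            body, i = bytearray(), i + 2
            while i < n and stream[i:i + 2] != bytes([IAC, SE]):
                if stream[i:i + 2] == bytes([IAC, IAC]):
                    i += 1  # unescape a doubled 0xFF data byte
                body.append(stream[i])
                i += 1
            i += 2  # step over the closing IAC SE
            if body[:2] == bytes([LINEMODE, LM_SLC]):
                yield bytes(body[2:])

def inspect(stream: bytes, max_triplets: int = MAX_TRIPLETS):
    """Return one finding per SLC suboption, with reasons if it looks abnormal."""
    findings = []
    for payload in slc_suboptions(stream):
        triplets, leftover = divmod(len(payload), 3)
        reasons = []
        if triplets > max_triplets:
            reasons.append("triplet count above limit")
        if leftover:
            reasons.append("payload is not a whole number of triplets")
        findings.append({"triplets": triplets, "suspicious": bool(reasons),
                         "reasons": reasons})
    return findings

# Constructed sample: IAC WILL LINEMODE, then one SLC suboption holding three
# ordinary (function, flags, value) triplets, then unrelated session data.
SAMPLE = bytes([IAC, 251, LINEMODE, IAC, SB, LINEMODE, LM_SLC,
                3, 2, 3, 8, 2, 4, 10, 2, 127, IAC, SE]) + b"session data"

if __name__ == "__main__":
    print(inspect(SAMPLE))
```

Any SLC suboption arriving on a host that should not be serving Telnet at all is worth investigating regardless of its length.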
Patch Status
As of now, a fix for CVE-2026-32746 is expected to be available no later than April 1, 2026. Until then, users and administrators are urged to take immediate action to mitigate the risks associated with this vulnerability. Dream advises disabling the telnet service if it is not essential, running telnetd without root privileges where possible, and blocking port 23 at both network and host-based firewall levels.
Immediate Actions
To protect against this critical vulnerability, consider the following steps:
- Disable Telnet: If telnet is not necessary, disable the service to prevent exploitation.
- Run with Limited Privileges: If telnetd must be used, ensure it runs without root privileges.
- Block Port 23: Implement firewall rules to restrict access to port 23, minimizing exposure.
- Isolate Access: Limit Telnet access to trusted networks only.
The urgency of addressing this vulnerability cannot be overstated, especially given the recent history of critical flaws in GNU InetUtils telnetd. Organizations must act swiftly to safeguard their systems from potential attacks.
The Hacker News