Over 800,000 internet-exposed GNU InetUtils telnetd remote login service instances could be compromised in attacks involving the old critical remote code execution flaw, tracked as CVE-2026-24061, following the emergence of a proof-of-concept exploit, reports GBHackers News.China had the largest number of legacy GNU InetUtils implementations impacted by the vulnerability, which arose from improper input validation in the telnet daemon, followed by Brazil, the U.S., Japan, and Mexico, according to findings from The Shadowserver Foundation. Such a significant attack vector should prompt organizations to urgently perform network perimeter audits for exposed telnet services on port 23/TCP and alternative ports.Organizations have also been advised not only to completely disable telnetd but also adopt stringent firewall rules and migrate to SSH. Immediate action has also been recommended by Shadowserver on Zyxel CPE devices impacted by CVE-2024-40891 and other systems affected by the 7777 botnet.
Vulnerability Management, Threat Intelligence
Widespread GNU InetUtils telnetd compromise likely amid PoC exploit release

Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds


