New telnetd flaw (CVE-2026-32746) allows unauthenticated attackers to gain root access via port 23. No patch released yet.
Cybersecurity researchers have disclosed a critical security flaw in the GNU InetUtils telnet daemon (telnetd) that could allow attackers to gain full control of affected systems without authentication.
The vulnerability tracked as CVE-2026-32746, impacts telnetd implementations and can be exploited remotely over port 23, the standard Telnet service port. The issue stems from a memory handling flaw specifically an out-of-bounds write in the LINEMODE SLC handler which can be abused to achieve remote code execution.
Security experts warn that successful exploitation could grant attackers root-level access, effectively giving them complete control over compromised machines. In some observed scenarios, no valid credentials are required, significantly increasing the risk for exposed systems.
The flaw is particularly dangerous because telnetd is still present in legacy environments and embedded systems, where secure alternatives like SSH are not always enforced. Researchers emphasize that services exposed directly to the internet are especially vulnerable.
At the time of disclosure, the vulnerability is described as unpatched, leaving system administrators with limited immediate mitigation options. Experts recommend disabling Telnet services where possible or restricting access through firewalls and network segmentation until a fix becomes available.
The discovery adds to growing concerns around legacy protocols like Telnet, which lack modern security protections and continue to present high-risk attack surfaces in enterprise and industrial environments.
Security teams are urged to audit systems for exposed telnet services and apply compensating controls to reduce the risk of exploitation.
Reports are sourced from official documents, law-enforcement updates, and credible investigations.
Discover additional reports, market trends, crime analysis and Harm Reduction articles on DarkDotWeb to stay informed about the latest dark web operations.
