Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

Published:

18 March 2026 at 05:06:00

Alert date:

18 March 2026 at 06:01:06

Source:

thehackernews.com


Operating Systems, Network Infrastructure, Zero-Day Vulnerabilities

A critical security vulnerability (CVE-2026-32746) has been discovered in the GNU InetUtils telnet daemon (telnetd) with a CVSS score of 9.8. The flaw allows unauthenticated remote attackers to execute arbitrary code with elevated privileges through port 23. The vulnerability is described as an out-of-bounds write in the LINEMODE Set functionality. This represents a significant security risk as it provides root-level remote code execution without authentication requirements. The vulnerability remains unpatched, making systems running the affected telnetd service highly vulnerable to exploitation.

Technical details

An out-of-bounds write in the LINEMODE Set Local Characters (SLC) suboption handler of GNU InetUtils telnetd results in a buffer overflow. The SLC handler processes option negotiation during the Telnet protocol handshake, so the flaw can be triggered during the initial connection handshake, before authentication, by sending specially crafted protocol messages. An attacker can exploit this by connecting to port 23 and sending a crafted SLC suboption with many triplets. The overflow corrupts memory and can be turned into arbitrary writes, leading to remote code execution with root privileges.
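
A detection sketch for the indicator described above, added here as an example and not taken from the advisory or from GNU InetUtils: it counts the triplets in each LINEMODE SLC suboption of a captured client-to-server Telnet stream. The `MAX_TRIPLETS` threshold, the function names and the sample byte strings are assumptions constructed for illustration; the advisory does not state how many triplets trigger the flaw.

```python
# Added example: flag Telnet LINEMODE SLC suboptions that carry many triplets.
IAC, SB, SE = 255, 250, 240        # Telnet command bytes (RFC 854)
TELOPT_LINEMODE, LM_SLC = 34, 3    # LINEMODE option and its SLC suboption (RFC 1184)
MAX_TRIPLETS = 30                  # assumed alert threshold, tune per environment


def slc_triplet_counts(stream: bytes) -> list[int]:
    """Return the triplet count of every LINEMODE SLC suboption in the stream."""
    counts, i, n = [], 0, len(stream)
    while i + 1 < n:
        if stream[i] != IAC:
            i += 1                                  # ordinary data byte
        elif stream[i + 1] != SB:
            i += 2                                  # escaped IAC IAC or another command
        else:
            body, i = bytearray(), i + 2
            # Collect the suboption body up to IAC SE, unescaping IAC IAC to one 0xFF.
            while i < n and stream[i:i + 2] != bytes([IAC, SE]):
                step = 2 if stream[i:i + 2] == bytes([IAC, IAC]) else 1
                body.append(stream[i])
                i += step
            i += 2                                  # skip IAC SE
            # A suboption cut off by the end of the capture is still counted.
            if body[:2] == bytes([TELOPT_LINEMODE, LM_SLC]):
                counts.append((len(body) - 2) // 3)  # whole (function, flags, value) triplets
    return counts


def is_suspicious(stream: bytes, limit: int = MAX_TRIPLETS) -> bool:
    """True when any single SLC suboption carries more than `limit` triplets."""
    return any(count > limit for count in slc_triplet_counts(stream))


# Constructed sample input (not captured traffic).
# IAC WILL LINEMODE followed by an SLC suboption with two triplets.
NORMAL = bytes([IAC, 251, TELOPT_LINEMODE,
                IAC, SB, TELOPT_LINEMODE, LM_SLC, 3, 2, 3, 8, 2, 4, IAC, SE])
# One SLC suboption repeating the same triplet 60 times.
OVERSIZED = (bytes([IAC, SB, TELOPT_LINEMODE, LM_SLC])
             + bytes([1, 2, 0]) * 60 + bytes([IAC, SE]))

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("oversized", OVERSIZED)):
        print(name, slc_triplet_counts(sample), is_suspicious(sample))
```

Feed it the reassembled client-side payload of a TCP/23 session; counting per suboption rather than per session keeps ordinary LINEMODE negotiation from adding up to an alert.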

Mitigation steps:

Disable the telnetd service if it is not necessary; where it is required, run telnetd without root privileges; block port 23 at the network perimeter and at the host-based firewall level to restrict access; and isolate Telnet access. A fix is expected to be available no later than April 1, 2026.

Affected products:

GNU InetUtils telnet daemon (telnetd) - all versions through 2.7

IOC's:

Port 23 (Telnet service port); specially crafted SLC suboption messages with multiple triplets

This article was created with the assistance of AI technology by Perceptive.
