On the bright side that CVE seems like pretty great news for the hardware hacking community hoping to get root on embedded devices which have open telnetd.

I just tried on a Zyxel Wifi AP I have.

It seems to use a different telnetd (busybox?), because from what I can tell it's not prone to this error.