| ▲ | est 4 hours ago | |
> a mountain of legacy and they are fine. telnetd CVE-2026-24061. It's embarrassingly simple exploit but took years to be discovered. > When telnetd invokes /usr/bin/login, it passes the USER value directly. If an attacker sets USER=-f root and connects using telnet -a or --login, the login process interprets -f root as a flag to bypass authentication, granting immediate root shell access. | ||
| ▲ | Sohcahtoa82 3 hours ago | parent [-] | |
Well yeah, but nobody sane still uses telnetd. | ||