Hackers are exploiting a critical 11-year-old vulnerability in the GNU InetUtils telnetd server, allowing remote authentication bypass to gain root access. The flaw involves unsanitized environment variable handling, enabling attackers to set the USER variable to gain unauthorized access. Affected versions include 1.9.3 to 2.7, with a patch available in version 2.8. Despite the risk, many legacy systems still use Telnet, particularly in industrial sectors. Recent exploit activity was detected, but real-world impact appears limited. Immediate patching or mitigations are advised.
Hackers Exploit Critical Telnetd Auth Bypass Flaw to Get Root

