Critical GNU InetUtils Flaw Allows Unauthenticated Attackers to Gain Root Access via Telnet

CyberDefender 4 mins0

Security researchers have uncovered a serious vulnerability in GNU InetUtils that can allow an attacker to gain full root access without authentication. The flaw is simple, dangerous, and a strong reminder of why legacy services like Telnet should never be exposed to modern networks.

What’s going on?

The issue affects the telnetd service included with GNU InetUtils, versions 1.9.3 through 2.7.

When a user connects via Telnet, the server passes the supplied username to the system’s login program. Due to improper input validation, an attacker can craft a malicious username that includes the argument: -f root

On many Unix-like systems, login -f root tells the system to skip authentication entirely and log the user in as root. Because telnetd fails to sanitize this input, the attacker is dropped straight into a root shell — no password, no credentials, no warning.

Why this is critical

  • No authentication required – anyone who can reach the Telnet service can exploit it
  • Immediate root access – total control over the system
  • Remote exploitation – works over the network
  • Long-standing bug – the vulnerability has existed for years without detection

In short: if telnetd is reachable, the system is effectively wide open.

Who is at risk?

Any system that:

  • Runs GNU InetUtils telnetd (v1.9.3–2.7)
  • Has Telnet enabled
  • Is exposed to untrusted networks (including internal networks)

This commonly includes legacy servers, embedded systems, lab environments, and forgotten admin services.

What you should do right now

1. Disable Telnet immediately
If you don’t absolutely need telnetd, turn it off. There is no safe way to expose Telnet to the internet.

2. Block port 23
Use firewall rules to block Telnet access entirely or restrict it to trusted hosts only.

3. Patch or upgrade
Apply the latest security updates from GNU InetUtils or your Linux distribution vendor.

4. Move to SSH
SSH provides encryption, proper authentication, and modern security controls. Telnet does not.

The bigger lesson

This vulnerability isn’t just about one bug — it’s about legacy software risk. Telnet is insecure by design, and even well-maintained projects can harbor catastrophic flaws when old assumptions meet modern threat models.

If Telnet still exists anywhere in your environment, this is your sign to remove it.

CyberDefender