
Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE via Port 23

The Hacker News, 18/03/2026, 05:06

Summary

AI-Generated

Key Points:

  • Critical vulnerability CVE-2026-32746 in GNU InetUtils telnet daemon (telnetd) allows unauthenticated remote code execution via port 23.
  • The flaw, with a CVSS score of 9.8, can be exploited during the Telnet protocol handshake, potentially compromising systems where telnetd runs with root privileges.
  • Recommended actions include disabling the Telnet service if not needed, running telnetd without root privileges, blocking port 23 at firewalls, and isolating Telnet access.

Technical Details: CVE-2026-32746 is an out-of-bounds write vulnerability in the LINEMODE SLC handler that leads to a buffer overflow, allowing attackers to execute arbitrary code without authentication.
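
Added example, not from the original article or from GNU InetUtils: a passive parser that pulls LINEMODE SLC subnegotiations (RFC 1184: option 34, subcommand 3) out of captured client-to-server Telnet bytes so they can be reviewed or alerted on. The sample bytes are constructed, and the only anomaly flagged is a payload that is not a whole number of 3-byte SLC triplets; the CVE's trigger condition is not described in this summary and is not modelled here.

```python
IAC, SB, SE = 0xFF, 0xFA, 0xF0
NEGOTIATION = (0xFB, 0xFC, 0xFD, 0xFE)   # WILL, WONT, DO, DONT
LINEMODE, LM_SLC = 34, 3                 # RFC 1184 option and SLC subcommand

def iter_subnegotiations(stream: bytes):
    """Yield (option, payload) for each complete IAC SB ... IAC SE block."""
    i, n = 0, len(stream)
    while i < n - 1:
        if stream[i] != IAC:
            i += 1
        elif stream[i + 1] in NEGOTIATION:
            i += 3                        # IAC <verb> <option>
        elif stream[i + 1] != SB:
            i += 2                        # IAC IAC (escaped data) or other command
        else:
            if i + 2 >= n:
                return                    # truncated before the option byte
            option, payload, j = stream[i + 2], bytearray(), i + 3
            while j < n:
                if stream[j] == IAC and j + 1 < n and stream[j + 1] == SE:
                    break                 # end of this subnegotiation
                if stream[j] == IAC and j + 1 < n and stream[j + 1] == IAC:
                    j += 1                # un-escape a literal 0xFF data byte
                payload.append(stream[j])
                j += 1
            else:
                return                    # capture ended before IAC SE
            yield option, bytes(payload)
            i = j + 2

def linemode_slc_events(stream: bytes):
    """Summarise every LINEMODE SLC suboption seen in the stream."""
    events = []
    for option, payload in iter_subnegotiations(stream):
        if option == LINEMODE and payload[:1] == bytes([LM_SLC]):
            body = payload[1:]            # (function, flags, value) triplets
            events.append({"triplets": len(body) // 3, "bytes": len(body),
                           "malformed": len(body) % 3 != 0})
    return events

# Constructed sample: WILL LINEMODE, a well-formed SLC block containing an
# escaped 0xFF value, then an SLC block whose payload is not a whole triplet.
SAMPLE = bytes([0xFF, 0xFB, 0x22,
                0xFF, 0xFA, 0x22, 0x03, 0x03, 0x02, 0x03,
                0x0A, 0x02, 0xFF, 0xFF, 0xFF, 0xF0,
                0xFF, 0xFA, 0x22, 0x03, 0x01, 0x02, 0xFF, 0xF0]) + b"login\r\n"

if __name__ == "__main__":
    for event in linemode_slc_events(SAMPLE):
        print(event)
```
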

MITRE ATT&CK Techniques:

  • T1203 - Exploit Public-Facing Application (Initial Access)
  • T1068 - Exploitation for Client Execution (Privilege Escalation)

IOCs Mentioned: None mentioned.
