Privilege Escalation in GNU inetutils telnetd (<2.7) via systemd credentials
CVE-2026-28372 Published on February 27, 2026

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

NVD

Vulnerability Analysis

CVE-2026-28372 is exploitable with local system access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Inclusion of Functionality from Untrusted Control Sphere

The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.

Products Associated with CVE-2026-28372

Want to know whenever a new CVE is published for GNU Inetutils? stack.watch will email you.

GNU Inetutils

Affected Versions

GNU inetutils:

Before and including 2.7 is affected.

Privilege Escalation in GNU inetutils telnetd (<2.7) via systemd credentialsCVE-2026-28372 Published on February 27, 2026

Vulnerability Analysis

Weakness Type

Inclusion of Functionality from Untrusted Control Sphere

Products Associated with CVE-2026-28372

Affected Versions

Privilege Escalation in GNU inetutils telnetd (<2.7) via systemd credentials
CVE-2026-28372 Published on February 27, 2026