A critical vulnerability in the GNU InetUtils telnet daemon (telnetd) has been discovered, allowing attackers to gain root access with ease. Tracked as CVE-2026-24061, this flaw has gone unnoticed for almost 11 years since it was introduced in a May 2015 update. Security experts have flagged the bug as "trivial" to exploit, with active attempts reported within just 24 hours of its disclosure. GreyNoise data indicates that 15 unique IPs were trying to execute a remote authentication bypass using this vulnerability. The vulnerability arises from an argument injection flaw where attackers can manipulate the USER environment variable to log in as root without standard authentication. Simon Josefsson, a GNU contributor, explained that by using a specific telnet command with a crafted USER variable, attackers can bypass normal login processes. Rapid7's Stephen Fewer confirmed that exploiting this bug is straightforward and results in full root access on the target system. He cautioned that anyone still running telnetd should reconsider, as the protocol is unencrypted and susceptible to interception. Despite the decline in telnet usage in favor of more secure protocols like SSH, many installations remain active. France's CERT has urged the decommissioning of all telnet services, and similar warnings have come from cybersecurity authorities in Canada and Belgium. Recommendations include updating to the latest telnetd version, restricting access to the telnet port, or transitioning to SSH entirely.