PoC Released for GNU InetUtils telnetd RCE as 800K+ Exposed Instances Remain Online

A proof-of-concept exploit for CVE-2026-24061 (critical RCE) in GNU Inetutils telnetd has been published, and researchers report roughly 800,000 telnet instances exposed on port 23/TCP worldwide; the vulnerability permits unauthenticated arbitrary command execution, making exposed legacy telnet services high-value targets for credential harvesting and lateral movement. The report urges organizations to audit and remove exposed telnet services, migrate to SSH, apply firewall restrictions, and monitor for mass-exploitation activity.