How to find potentially vulnerable GNU inet-utils telnetd servers on your network

GNU inet-utils telnetd contains a critical authentication-bypass vulnerability (CVE-2026-24061, CVSS 9.8) in its handling of the $USER environment variable that can allow remote, unauthenticated attackers to gain any user's privileges including root. The issue affects inet-utils telnetd 1.9.3 and higher, currently has no patch, and the report recommends disabling telnet and enforcing network access controls; a runZero query is provided to help locate potentially vulnerable hosts.