CVE-2026-28372

This repository contains a functional exploit for CVE-2026-28372, which leverages environment variable injection (CREDENTIALS_DIRECTORY) and a crafted login.noauth file to bypass authentication in GNU inetutils telnetd, leading to local privilege escalation to root.

This repository contains a functional exploit for CVE-2026-28372, a local privilege escalation vulnerability in GNU inetutils telnetd < 2.7. The exploit leverages the Telnet NEW_ENVIRON option to inject the CREDENTIALS_DIRECTORY environment variable, bypassing authentication in util-linux login(1) >= 2.40.

This repository contains a functional Python exploit for CVE-2026-28372, which leverages environment variable injection (CREDENTIALS_DIRECTORY) and a crafted login.noauth file to bypass authentication in GNU inetutils telnetd, leading to local privilege escalation to root.

The repository contains a functional Python exploit for CVE-2026-28372, which leverages environment variable injection (CREDENTIALS_DIRECTORY) and a crafted login.noauth file to bypass authentication in GNU inetutils telnetd, leading to local privilege escalation to root.

The repository contains a functional exploit for CVE-2026-28372, a local privilege escalation vulnerability in GNU inetutils telnetd. The exploit manipulates the CREDENTIALS_DIRECTORY environment variable to bypass authentication and obtain a root shell.