CNNVD-202601-3437 Information

CNNVD ID

CNNVD-202601-3437

Related CVE

CVE-2026-24061

• CNNVD Published: 2026-01-21

Description (Chinese)

GNU Inetutils是美国GNU社区的一组常见的网络程序。 GNU Inetutils 2.7及之前版本存在参数注入漏洞，该漏洞源于通过USER环境变量绕过远程身份验证。

Description (English)

GNU Innetutils is a common web program for the GNU community in the United States. GNU Innetutils 2.7 and earlier versions had a gap in parameters, which stemmed from remote authentication through USER environmental variables.

Hazard Level

Low

Vulnerability Type

参数注入

Affected Vendor

GNU

Published

2026-01-21

Last Modified

2026-02-24

References

https://www.gnu.org/software/inetutils/ https://www.openwall.com/lists/oss-security/2026/01/20/2 https://www.openwall.com/lists/oss-security/2026/01/20/8 https://cxsecurity.com/issue/WLB-2026010014 https://access.redhat.com/security/cve/cve-2026-24061

Patch

https://www.gnu.org/software/inetutils/manual/