telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
2:2.0-1+deb11u32:2.4-2+deb12u22:2.6-3+deb13u12:2.7-2Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H