Description
Aprelium Abyss Web Server (abyssws) before 1.0.3 stores the administrative console password in plaintext in the abyss.conf file, which allows local users with access to the file to gain privileges.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Jeremy Roberts · textremotewindows
https://www.exploit-db.com/exploits/21367
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.aprelium.com/news/abws103.html
Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4467
Scores
EPSS
0.0013
EPSS Percentile
31.8%
Details
Status
published
Products (1)
aprelium_technologies/abyss_web_server
1.0
Published
Jul 03, 2002
Tracked Since
Feb 18, 2026