Description
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected by this issue is some unknown functionality. The manipulation leads to use of hard-coded password. The patch is identified as 557e177d8a309d6f0f26de46efb38d43e000852d. It is recommended to apply a patch to fix this issue. VDB-217154 is the identifier assigned to this vulnerability.
References (4)
Core 4
Core References
Permissions Required, Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.217154
Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.217154
Third Party Advisory issue-tracking
https://github.com/taoeffect/empress/pull/61
Patch, Third Party Advisory patch
https://github.com/taoeffect/empress/commit/557e177d8a309d6f0f26de46efb38d43e000852d
Scores
CVSS v3
6.3
EPSS
0.0088
EPSS Percentile
54.1%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-259
CWE-798
Status
published
Products (1)
empress_project/empress
< 2014-12-02
Published
Jan 01, 2023
Tracked Since
Feb 18, 2026