A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1217 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2021-04-15T13:41:22
Updated: 2021-04-15T13:41:22
Reserved: 2020-11-13T00:00:00
Link: CVE-2020-28593
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-15T14:15:16.013
Modified: 2022-08-31T19:21:51.447
Link: CVE-2020-28593
JSON object: View
Redhat Information
No data.
CWE