Описание
A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cosori:cs158-af_firmware:1.1.0:*:*:*:*:*:*:*
cpe:2.3:h:cosori:cs158-af:-:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04084
Низкий
8.1 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120
CWE-787
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability.
EPSS
Процентиль: 88%
0.04084
Низкий
8.1 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-120
CWE-787