Описание
A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cosori:cs158-af_firmware:1.1.0:*:*:*:*:*:*:*
cpe:2.3:h:cosori:cs158-af:-:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.02015
Низкий
8.1 High
CVSS3
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-912
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.
EPSS
Процентиль: 83%
0.02015
Низкий
8.1 High
CVSS3
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-912
NVD-CWE-Other