Vulnerabilities > CVE-2020-28593 - Unspecified vulnerability in Cosori Cs158-Af Firmware 1.1.0

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
cosori

Summary

A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
OS
Cosori
1
Hardware
Cosori
1