CVE-2020-28593

Summary

A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aCosoriCosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0affected

Weaknesses

  • CWE-912: CWE-912: Hidden Functionality

ADP Enrichment

CVE Program Container

Additional References

References