Remote code execution vulnerabilities in Cosori smart air fryer

April 19, 2021

The Cosori Smart Air Fryer is a WiFi-enabled kitchen device that uses a variety of methods and settings to cook food. The device’s Wi-Fi capabilities can also be used to start and stop cooking, look up recipe guides, and track cooking progress.

TALOS-2020-1216 (CVE-2020-28592) and TALOS-2020-1217 (CVE-2020-28593) are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device.

Read More…