Cox fixed an API auth bypass exposing millions of modems to attacks

Published on June 3, 2024

​Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of modems' settings and steal customers' sensitive personal information. [...]