Cox Biz Auth-Bypass Bug Exposes Millions of Devices to Takeover

June 4, 2024 at 10:14AM An API authorization-bypass flaw in Cox Communications’ infrastructure exposed millions of business customer devices to attacks. Independent bug researcher Sam Curry identified and reported the issue, leading to a prompt fix by the provider. Potential risks included unauthorized access to customer information, Wi-Fi passwords, and connected devices. The vulnerability highlighted … Read more

Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking

June 4, 2024 at 06:24AM Cox Communications recently patched several vulnerabilities in their modems, preventing potential remote takeovers by hackers. Discovered in March by expert Sam Curry, the flaws allowed attackers to bypass authorization, gaining control of millions of modems and potentially accessing customer data. Cox promptly addressed the issue after being notified. Key Meeting … Read more

Cox fixed an API auth bypass exposing millions of modems to attacks

June 3, 2024 at 05:12PM Cox Communications fixed an authorization bypass vulnerability discovered by bug bounty hunter Sam Curry, preventing remote attackers from resetting modem settings and stealing sensitive customer information. The largest private broadband company in the U.S., Cox provides services to nearly seven million homes and businesses across over 30 states. The company … Read more