Autoswagger automatically detects authorization weaknesses in APIs and discovers sensitive endpoints not requiring authentication where the application fails to check for a valid API token.

Cox Communications has fixed an authorization bypass vulnerability that enabled remote attackers to abuse exposed backend APIs to reset millions of modems' settings and steal customers' sensitive ...