cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Honda API leakage via the Cloud

Hi All

 

Honda's e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account.

Honda is a Japanese manufacturer of automobiles, motorcycles, and power equipment. In this case, only the latter division is impacted, so owners of Honda cars or motorcycles aren't affected.

 

An interesting report on what was found:

 

https://www.bleepingcomputer.com/news/security/honda-api-flaws-exposed-customer-data-dealer-panels-i...

 

Regards

 

Caute_Cautim

0 Replies