This is unsafe unless the API port on all the devices are only accessible from within your lan, and even then you're better off confining them to the IP addresses within your lan (192.etc).
Yea that's what I thought. You should only ever open the cgminer API to a particular IP address that you control or trust. Otherwise, someone with a port-scanner can find your miner and take control of it.