High severity7.5NVD Advisory· Published Oct 30, 2025· Updated Apr 15, 2026
CVE-2025-61118
CVE-2025-61118
Description
mCarFix Motorists App version 2.3 (package name com.skytop.mcarfix), developed by Paniel Mwaura, contains improper access control vulnerabilities. Attackers may bypass verification to arbitrarily register accounts, and by tampering with sequential numeric IDs, gain unauthorized access to user data and groups. Successful exploitation could result in fake account creation, privacy breaches, and misuse of the platform.
Affected products
1- Range: =2.3
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.