Vulnerabilities > CVE-2021-20693 - Missing Authorization vulnerability in Gurunavi 10.0.10/11.1.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
gurunavi
CWE-862

Summary

Improper access control vulnerability in Gurunavi App for Android ver.10.0.10 and earlier and for iOS ver.11.1.2 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.

Vulnerable Configurations

Part Description Count
Application
Gurunavi
4

Common Weakness Enumeration (CWE)