Reward claimers can claim rewards multiple times
Lines of code Vulnerability details Impact Reward claimers can call the get accrued reward function multiple times and maybe even drain the contract Proof of Concept As we can see there’s no check setting the accrued reward to zero after the rewards have been transferred Tools Used Manual review...
7AI Score
FlywheelAcummulatedRewards/FlywheelBribeRewards gains are instantaneous and can be frontrun
Lines of code Vulnerability details Impact FlywheelAcummulatedRewards/FlywheelBribeRewards gains are instantaneous and can be frontrun. The user only needs to frontrun the delegate before each incentive is distributed to get the incentive, and there is no way to prevent the user from undelegating.....
6.7AI Score
User can manipulate totalRewardUnclaimed and steal pool incentives
Lines of code https://github.com/code-423n4/2023-05-maia/blob/54a45beb1428d85999da3f721f923cbf36ee3d35/src/uni-v3-staker/UniswapV3Staker.sol#L438-L451 https://github.com/code-423n4/2023-05-maia/blob/54a45beb1428d85999da3f721f923cbf36ee3d35/src/uni-v3-staker/UniswapV3Staker.sol#L429-L451...
7AI Score
Small Walk Share is a WeChat mini program for transportation. The Small Walk Share WeChat mini program from Zhejiang Small Walk Information Technology Co., Ltd. has a logic flaw vulnerability; attackers can use the vulnerability to log in to any...
6.6AI Score
Incorrect poolTotalEUSDCirculation Calculation
Lines of code https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraEUSDVaultBase.sol#L284 Vulnerability details Impact poolTotalEUSDCirculation is calculated incorrectly, so it can affect reward distribution Proof of Concept The...
7.1AI Score
Lines of code Vulnerability details Impact Suppose a user deposits some Ether and mints eUSD. The user collects mining rewards for some time (assuming that their earnings are not claimable by others). After some time, the user redeems all their eUSD for stETH. Now, even after redemption, the.....
6.7AI Score
flashloan stealing staking reward
Lines of code Vulnerability details Impact The report reveals a vulnerability where a flashloan can be used to steal staking rewards. The provided proof of concept demonstrates the issue, where a user can take advantage of the earned rewards calculation using the spot balance. By flashloaning a...
6.7AI Score
Lines of code https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/miner/EUSDMiningIncentives.sol#L184-L186 Vulnerability details Impact The reward distribution logic of the ProtocolRewardsPool and EUSDMiningIncentives contracts effectively allows a user to mint much more rewards...
6.7AI Score
contract has the tendency to mint more tokens than it actually has
Lines of code Vulnerability details Impact If the contract does not have enough esLBR tokens to mint and transfer as rewards, users will not be able to claim their rewards even if they have earned them. Proof of Concept There is no check to ensure that the contract's balance of esLBR tokens is...
6.9AI Score
First user can drain funds from staking contract
Lines of code Vulnerability details Impact If the first user locks an extremely small amount of tokens (1 wei), he can manipulate the reward that he is supposed to receive. After locking a small amount, he can unlock it before the second user interacts with the contract. See PoC for more details....
6.8AI Score
Information leakage vulnerability in Dual Open Assistant Micro Divergence Edition
Dual Open Assistant Micro Diversion Edition is app diversion software. Dual Open Assistant Micro Diversion Edition suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...
6.1AI Score
Exploit for Double Free in Openbsd Openssh
CVE-2023-25136 OpenSSH 9.1 vulnerability large-scale scanning and exploitation * Vulnerability details...
6.5CVSS
7AI Score
0.009EPSS
Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
Nikita Kislitsin, formerly the head of network security for one of Russia's top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of Justice. Experts say Kislitsin's prosecution could soon put the Kazakhstan government in.....
6.5AI Score
Logic Flaw Vulnerability in T+ (CNVD-2023-62863)
T+ is a new Internet business management software. A logic flaw vulnerability exists in Changjitong T+, which can be exploited by an attacker to delete arbitrary...
6.8AI Score
Exploit for Improper Ownership Management in Linux Linux Kernel
CVE-2023-0386 Exp...
7.8CVSS
7.7AI Score
0.0004EPSS
How cybercrime is impacting SMBs in 2023
According to the United Nations, small and medium-sized businesses (SMBs) constitute 90 percent of all companies and contribute 60 to 70 percent of all jobs in the world. They generate 50 percent of global gross domestic product and form the backbone of most countries' economies. Hit hardest by...
7.5AI Score
Gibbon v25.0.0 - Local File Inclusion
Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it's possible to include the content of several files present in the installation folder in the server's...
9.8CVSS
9.4AI Score
0.035EPSS
A week in security (June 19 - 25)
Last week on Malwarebytes Labs: Microsoft Azure AD flaw can lead to account takeover; 5 facts to know about the Royal ransomware gang; Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023; UPS warns customers of phishing attempts after data accessed; 6 tips for a cybersecure...
6.7AI Score
JeecgBoot 3.5.0 - SQL Injection
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability in the id parameter of /jeecg-boot/jmreport/show...
9.8CVSS
9.9AI Score
0.378EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 12, 2023 to June 18, 2023)
Last week, there were 60 vulnerabilities disclosed in 52 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 25 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...
8.8CVSS
7.5AI Score
0.009EPSS
Vega's validators able to submit duplicate transactions
A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge for 100USDT that credits a party’s general account on Vega, can be re-processed 50 times resulting....
6CVSS
6.8AI Score
0.001EPSS
Exploit for SQL Injection in Jeecg Jeecg-Boot
CVE-2023-1454 Jeecg-Boot-qurestSql-SQLvuln...
9.8CVSS
7.2AI Score
0.091EPSS
US dangles $10 million reward for information about Cl0p ransomware gang
The US Department of State's national security rewards program, Rewards for Justice (RFJ), is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...
6.8AI Score
Jeecg P3 Biz Chat - Local File Inclusion
Jeecg P3 Biz Chat 1.0.5 allows remote attackers to read arbitrary files through specific...
7.5CVSS
7.5AI Score
0.005EPSS
What You Need To Know About MOVEit
The MOVEit Vulnerabilities and Latest Exploits. Impact On Governmental Agencies And Large Organizations: Governmental agencies and large organizations around the world are being hit by ransomware attacks exploiting several vulnerabilities in MOVEit, a widely used file transfer solution. The...
9.8CVSS
11AI Score
0.957EPSS
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used......
9.8CVSS
9.4AI Score
0.001EPSS
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used......
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used......
9.8CVSS
7.1AI Score
0.001EPSS
Deserialization of untrusted data
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used......
9.8CVSS
9.3AI Score
0.001EPSS
CVE-2023-3232 Zhong Bang CRMEB Image Upload app_auth deserialization
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0 and classified as critical. This issue affects some unknown processing of the file /api/wechat/app_auth of the component Image Upload. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used......
6.3CVSS
9.7AI Score
0.001EPSS
Changjitong T+ Remote Command Execution Vulnerability
T+ is a new Internet-based business management software. A remote command execution vulnerability exists in T+, which can be exploited by an attacker to execute arbitrary commands on the target...
7.8AI Score
Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack
The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been...
6.8AI Score
GitHub’s revamped VIP Bug Bounty Program
GitHub’s bug bounty team has had an exciting start to the year. We launched our very own swag store, allowing researchers to earn exclusive bug bounty branded swag as a bonus perk to their earned bounty reward, and held two private beta feature engagements, which brought us great findings by our...
7.4AI Score
Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme
A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. "This massive campaign has likely resulted in thousands of people being scammed worldwide," Trend Micro researchers.....
7.2AI Score
Lines of code https://github.com/code-423n4/2023-06-stader/blob/main/contracts/factory/VaultFactory.sol#L48-L60 Vulnerability details Impact The address of the new contract depends solely on the _salt parameter, which is calculated from user-provided data. Once a user's create transaction is...
6.8AI Score
Insecure State settleFunds function, state update
Lines of code Vulnerability details Impact The impact of this finding is that an unauthorized party can manipulate the state of the vaultSettleStatus variable before executing critical operations related to penalty marking, fund distribution, and reward deposits. This can potentially disrupt the...
6.9AI Score
sell reward rTokens at low price because of skipping furnace.melt
Lines of code Vulnerability details Impact The reward rToken sent to RevenueTrader will be sold at a low price. RSR stakers will lose some of their profits. Proof of Concept RevenueTraderP1.manageToken function is used to launch auctions for any erc20 tokens sent to it. For the RevenueTrader of...
7.1AI Score
User with large staked ETH can deny other stakers from withdrawing.
Lines of code Vulnerability details Description The withdrawal flow of Stader is split into two steps: first, the user calls requestWithdraw with the ETHx amount they own, which adds a new record to userWithdrawRequests[nextRequestId]; second, finalizeUserWithdrawalRequest is called by any user to...
6.9AI Score
UNJUSTIFIED ZERO INDEX VALIDATION HINDERS INDEX VALUE OF 0
Lines of code Vulnerability details Impact SocializingPool.verifyProof currently incorporates a zero index check which blocks the entry of an index value of 0. While this check is designed to prevent the use of invalid index values, it inadvertently prohibits the valid index value of 0. This may...
6.8AI Score
Users who stake at the end of a freeze would get rewards as if they've staked before the freeze
Lines of code Vulnerability details This one was reported in the first contest, it was mitigated but a code change that was made since then brings it back again. Impact Users who stake while frozen would get a share of the rewards for the period since the last call to payoutRewards(). This means...
6.9AI Score
Exchange rate is stale for deposit to calculate shares
Lines of code https://github.com/code-423n4/2023-06-stader/blob/main/contracts/ValidatorWithdrawalVault.sol#L77 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/NodeELRewardVault.sol#L36 Vulnerability details Impact The attacker can profit from the delayed exchange rate...
6.8AI Score
No stale data check on data being read from POR feed
Lines of code Vulnerability details Impact Stale exchange rate data is used by the protocol, resulting in a loss because ETHx is minted at a stale exchange rate (which won't have accounted for new rewards) Recommended Mitigation Steps Check the lastUpdatedAt timestamp and that it is within...
6.9AI Score
Exploit for Code Injection in Vmware Spring Framework
Spring RCE CVE-2022-22965 vulnerability environment Environment information * springboot *...
9.5AI Score
Swift support brings broader mobile application security to GitHub Advanced Security
Mobile applications have become a fundamental part of everyday life, from how we work, communicate, and entertain ourselves. We rely on mobile applications for their convenience, ease of use, and ability to provide access to a wide range of services and information on the go. At GitHub, we want to....
7AI Score
Exploit for Code Injection in Apache Rocketmq
0x01 Introduction This tool is a woodpecker... for RocketMQ RCE (CVE-2023-33246)
9.8CVSS
9.3AI Score
0.973EPSS