Lucene search
+L

4 matches found

Code423n4
Code423n4
added 2023/10/30 12:0 a.m.4 views

SingleAdminAccessControl contract allows admin to be transferred without removing old admin first

Lines of code Vulnerability details Description The SingleAdminAccessControl contract allows the admin role to be transferred to a new address without first removing the old admin. This is a security vulnerability, as it allows a malicious admin to transfer the role to a new address and then lock...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.10 views

Unauthorized Admin Transfer Vulnerability

Lines of code Vulnerability details Description The bug in this contract is that it doesn't handle the case when the pendingAdmin is set to the zero address address0. As per the condition msg.sender == address0, the if statement can be bypassed if an attacker sets pendingAdmin to the zero address...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/04/08 12:0 a.m.11 views

Transferring admins does not work for CToken

Lines of code Vulnerability details Impact The CToken implements an acceptAdmin function that sets the new admin to the pendingAdmin. But CToken does not implement a setPendingAdmin function to set the pendingAdmin in the first place. Therefore, the acceptAdmin function is useless and CTokens can...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/08/11 12:0 a.m.15 views

Single-step process for critical admin transfer is risky

Handle 0xRajeev Vulnerability details Impact LongShort and Staker contracts have the notion of an “admin” address that is used within onlyAdmin or adminOnly modifiers for granting authorization to critical functions. Such contracts use a single-step ownership transfer of such admin addresses usin...

6.9AI score
Exploits0
Rows per page
Query Builder