3 matches found
User's assets can be drained without payment due to invalid signature check
Lines of code Vulnerability details Impact Exchange::execute uses validateSignatures function to verify if an order is signed by both parties. However, this function does not verify the signature when order.trader == msg.sender. Hence, malicious actor can prepare a bundle of all seller's Orders...
Overprivileged admin can grant unlimited WETH
Lines of code Vulnerability details Impact Admin can grantComp to any address using any amount and drain the contract. Proof of Concept If admin key gets compromised there is no timelock, no amount boundaries and no address limitations to prevent the assets to be drained immediately to the...
DEPLOYER can drain underlying asset deposited by AaveV2Strategy and drain SHER token in SherDistributionManager
Handle wuwe1 Vulnerability details Proof of Concept For sdm. DEPOLYER can call pullReward and send arbitrary amount of sher in sdm to the DEPOLYER. For AaveV2Strategy.sol , attacker can call withdrawAll and drain the underlying asset if there is any. Recommended Mitigation Steps Add Timelock on...