2 matches found
Bad access control in AdminRole.sol can lead to all funds being stolen from FoundationTreasury.sol
Lines of code Vulnerability details Proof of concept FoundationTreasury.sol inherits CollateralManagement.sol which has the method function withdrawFundsaddress payable to, uint256 amount external onlyAdmin that can withdraw the whole balance of the treasury to the to address. It looks like it is...
Take over of AdminRole contract
Lines of code Vulnerability details Impact Any user can call the grantAdmin or revokeAdmin method and take control of the contract. Proof of Concept The grantAdmin and revokeAdmin methods are not protected by any type of authentication restriction, when they should have the onlyAdmin modifier. So...