Lucene search
+L

4 matches found

Code423n4
Code423n4
added 2022/11/10 12:0 a.m.6 views

useAndRepay function can be used to underflow the principal debt of a credit

Lines of code Vulnerability details The function useAndRepay present in the SpigotedLine contract doesn't check that the amount is within the debt limit and can be used by a malicious lender to underflow the principal variable and manipulate the debt of a credit. Impact A malicious lender can use...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.11 views

Malicious lender can change price oracle for outstanding loan

Lines of code Vulnerability details The updateLoanParams function in NFTPairWithOracle.sol allows the lender to update parameters for an outstanding loan duration, valuation, annual interest, and collateralization ratio as long as they are the same or better for the borrower. These params are...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.8 views

No success required for Oracle market rate queries

Lines of code Vulnerability details Impact The system can use stale or even plainly incorrect due to any technical malfunction price for decision making. For example, a malicious lender can setup a bot that tracks incorrect readings i.e. track the state of the Oracle used and act on observing...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/08 12:0 a.m.7 views

makePayment() Lack of access control allows malicious lender to retrieve a large portion of the funds earlier, making the borrower suffer fund loss

Handle WatchPug Vulnerability details function makePaymentuint256 amount external override returns uint256 principal, uint256 interest // The amount specified is an optional amount to be transfer from the caller, as a convenience for EOAs. requireamount == uint2560 ||...

6.9AI score
Exploits0
Rows per page
Query Builder