Lucene search
K

3 matches found

Code423n4
Code423n4
added 2022/05/08 12:0 a.m.9 views

If treeAdder call addMerkleTree() of MerkleIdentity with wrong values for eligibilityIndex or priceIndex (uninitialized) attacker can steal NFTs

Lines of code Vulnerability details Impact If treeAdder call addMerkleTree of MerkleIdentity with wrong values for eligibilityIndex or priceIndex uninitialized gates index attacker can create those gate indexes in priceGateAddress or eligibilityAddress they are permission less with his own specif...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.9 views

if user call addMerkleTree() of MerkleIdentity with priceIndex==0 by mistake or other uninitialized gates, then attacker can steal all the NFTs with 0 payment

Lines of code Vulnerability details Impact If treeAdder calls addMerkleTree with priceIndex==0 by mistake, then attackers can buy NFT's with price of 0 because gate Indexs in FixedPricePassThruGate or SpeedBumpPriceGate start from 1 and gates0 will be uninitialized and getCost0 will return 0. Thi...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.9 views

In withdraw() of MerkleIdentity if user set wrong value for merkleIndex, then treeAdder can perform front-running and steal user funds

Lines of code Vulnerability details Impact If user call withdraw of addMerkleTree with uncivilized merkleIndex, then it's possible for treeAdder to perform front-running attack and steal his funds. Proof of Concept This is code of withdraw in addMerkleTree: function withdrawuint merkleIndex, uint...

6.7AI score
Exploits0
Rows per page
Query Builder