Lucene search
+L

5 matches found

Code423n4
Code423n4
added 2023/02/01 12:0 a.m.5 views

ANYONE CAN STEAL ETH THROUGH METHODS IN Payment.sol

Lines of code Vulnerability details Impact In Payment.sol contract, there is no access control on unwrapWETH, sweepToken and refundETH. So anyone can call these method to steal the Eth. Proof of Concept File: src/periphery/Payment.sol function unwrapWETHuint256 amountMinimum, address recipient...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.8 views

Anyone can withdraw contract funds

Lines of code Vulnerability details Impact There is a critical impact that an attacker could drain the entire eth balance of the contract by calling this refundETH function which lacks a modifier. The funds will go always to the caller of the function. Proof of Concept It is not a complex attack ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.18 views

refundETH has no access control and be called repeatedly or Can be Front runned to steal WETH funds from Contract

Lines of code Vulnerability details Impact The function refundETH has no access control and called be called anyone resulting in a loss of WETH funds if address0 is entered as the recipient for removeLiquidity Proof of Concept Consider the scenario if bob calls removeliquidity which returns WETH...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/12 12:0 a.m.8 views

Lack of access control for sweepToken, refundETH, unwrapWETH9 in Router.sol

Lines of code Vulnerability details Impact Lack of access control for sweepToken, refundETH, unwrapWETH9 in Router.sol, any WETH token, ETH and ERC20 sent to Router.sol is lost and claimable to anyone. Proof of Concept the function unwrapWETH9 and sweepToken and refundETH has no access control an...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.8 views

_depositToBentoBox sometimes uses both ETH and WETH

Handle cmichel Vulnerability details The TridentRouter.depositToBentoBox function only uses the ETH in the contract if it's higher then the desired underlyingAmount addressthis.balance = underlyingAmount. Otherwise, the ETH is ignored and the function uses WETH from the user. Impact Note that the...

6.8AI score
Exploits0
Rows per page
Query Builder