CVE-2022-25335

RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor's vulnerability announcement date, the vulnerability will not be remediated until a major...

Spoofing

RigoBlock Dragos through 2022-02-17 lacks the onlyOwner modifier for setMultipleAllowances. This enables token manipulation, as exploited in the wild in February 2022. NOTE: although 2022-02-17 is the vendor's vulnerability announcement date, the vulnerability will not be remediated until a major...

CVE-2022-25335

RigoBlock Dragos through 2022-02-17 is affected by a vulnerability caused by the absence of the onlyOwner modifier on setMultipleAllowances. This enables token manipulation, with in-the-wild exploitation reported in February 2022. The vulnerability is slated for remediation only via a major proto...

GSD-2022-1000077 CWE-749 in Dragos version all versions

In RigoBlock Dragos, all versions as of 2022-02-17 and later until a major protocol update is accomplished contain an exposed function CWE-749, specifically setMultipleAllowances which was not set to onlyOwner. The setMultipleAllowances function can be to manipulate tokens with the contract...

PT-2022-17218 · Unknown · Rigoblock Dragos

Name of the Vulnerable Software and Affected Versions: RigoBlock Dragos through 2022-02-17 Description: The issue is related to the lack of the onlyOwner modifier for setMultipleAllowances, which enables token manipulation. This has been exploited in the wild in February 2022. A major protocol...