Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/09/11 12:0 a.m.12 views

Attacker can extract value from pool by sandwiching herself at swapAll during close

Lines of code Vulnerability details Attacker can drain the lending pool by leveraging two facts: 1. swapAll allows 1% slippage 2. There is no Health Factor check after close. Alice and Bob are good friends, the steps are in one single tx: 1. Alice deposits 10000 USDT and borrows 7000$ worth of TR...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.9 views

Attacker can get drain ETH for targetLpToken_

Lines of code Vulnerability details Impact Attacker can drain all ETH from FeeBurner.sol. Technically msg.value gets sent to swapperRouter, but since this contract is out of scope FeeBurner.sol will be treated as the victim Proof of Concept FeeBurner.solL56-L65 ... for uint256 i; i tokens.length;...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.11 views

Able to get LP tokens without spending any funds in FeeBurner.sol

Lines of code FeeBurner.solL43-L88 Vulnerability details Impact In the burnToTarget function, if the tokens array has only a zero address token and msg.value is 0 then FeeBurner.sol would still call the swapAll function and use all WETH held in the contract. If the contract has any WETH, the call...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/28 12:0 a.m.11 views

unsafe call using msg.value in loop

Lines of code Vulnerability details description with the function burnToTarget in FeeBurner.sol, a malicious user can swap more funds than they input in ETH if they include multiple address0 in the addresses tokens parameter during the function call, there is a for loop that loops through tokens...

6.8AI score
Exploits0
Rows per page
Query Builder