Lucene search
+L

139 matches found

Code423n4
Code423n4
added 2023/08/04 12:0 a.m.15 views

LiquidationQueue brings centralization risk in the contract.

Lines of code Vulnerability details Impact the owner has too much unilateral control over liquidations and can manipulate te country in the following ways: The owner of LiquidationQueue sees a profitable liquidation opportunity Before anyone else can liquidate, they use LiquidationQueue to place ...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.9 views

Reentrancy vulnerability in SGLCommon._removeAsset

Lines of code Vulnerability details Impact The function SGLCommon.removeAsset is vulnerable to reentrancy attacks. Reentrancy occurs when a contract calls another contract, and the second contract calls back to the first contract before the first contract has finished executing. This can allow th...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.15 views

Reentrancy vulnerability in BigBang.execute

Lines of code Vulnerability details Impact This vulnerability could allow an attacker to withdraw funds from the BigBang contract. This could result in a loss of funds for the user. Proof of Concept The BigBang.execute function has external calls inside a loop. This could potentially lead to...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/07/31 12:0 a.m.6 views

Anyone can permanently disable the token guardian for their wallet by calling this one DANGER__disableTokenGuardian function

Lines of code Vulnerability details Impact A hacker could call DANGERdisableTokenGuardian, instantly disable the guardian and steal tokens or make malicious approvals Proof of Concept The DANGERdisableTokenGuardian function is risky and should be reconsidered. The main issue is that it allows...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.15 views

CONFIGURING ALLOWANCE TO ZERO FOR THE _previousLiquidationPair CAN BE FRONT RUN

Lines of code Vulnerability details Impact The Vault.setLiquidationPair is used to change the liquidationPair address to a new address. In the process it sets the allowance of the previousLiquidationPair to zero as shown below: if previousLiquidationPair != address0...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.9 views

The incorrect check implemented in the UserWithdrawalManager undermines the effectiveness of the timelock for claiming ETH

Lines of code Vulnerability details high Title: The incorrect check implemented in the UserWithdrawalManager undermines the effectiveness of the timelock for claiming ETH. Links: Impact Any malicious users can bypass the timelock mechanism for claiming ETH. The issue lies in the claim function,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/09 12:0 a.m.19 views

The owner is a single point of failure and a centralization risk

Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Similar...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.15 views

New treasury rate should not affect existing loan

Lines of code Vulnerability details Impact In the protocol, lenders have to pay a small treasury fee when they claim their interest. The contract owner can change this treasuryRate at any time using the function setTreasuryRate. // @audit treasury rate should not affect existing loan function...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/26 12:0 a.m.10 views

Requirement for having timelocks on recovery transactions is not enforceable

Lines of code Vulnerability details Impact When calling the following AmbireAccount.execute function with sigMode being SIGMODERECOVER, a recovery transaction can be scheduled if requireprivilegessignerKeyToRecover == recoveryInfoHash, 'RECOVERYNOTAUTHORIZED' and requireisIn,...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/05/25 12:0 a.m.8 views

execute() replay RECOVER after cancel

Lines of code Vulnerability details Impact Maliciously replay a recover transaction that has been cancelled and execute it Proof of Concept The user can cancel the transactions already in scheduledRecoveries by using SIGMODECANCEL. The code is as follows: function executeTransaction calldata txns...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/05/08 12:0 a.m.15 views

Mitigation of M-08: Issue not mitigated

MITIGATION IS NOT CONFIRMED MITIGATION IS NOT CONFIRMED Mitigation of M-08: Issue not mitigated Link to Issue: code-423n4/2023-03-asymmetry-findings685 Comments First, there is a clear error in the associated description of mitigation: "Use Chainlink to get rETH". Using Chainlink to obtain the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/19 12:0 a.m.7 views

Malicious or hacked admin can steal all ETH

Lines of code Vulnerability details Impact In L2EthToken.sol we have transferFromTo It is possible malicious or hacked admin to steal the ETH. Proof of Concept As can be seen from the code snippet below, nothing can stop malicious or hacked admin to steal all ETH. He can use address from and send...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.11 views

Staking BYTES to Citizen does not extend timelock, allowing attacker to manipulate totalPoints with flash loan

Lines of code Vulnerability details Impact In NeoTokyoStaker, BYTES token can be staked into a Citizen. First, the Citizen must be staked, it will be locked for a timelock duration in Staking contract. Staker want to stake BYTES can specify this Citizen ID and stake into it. However, when users...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.4 views

TIMELOCK OPTION'S DURATION AND MULTIPLIER INACCURATELY DECODED

Lines of code Vulnerability details Impact The implementation of bitwise operations, i.e. and & in decode the timelock option's duration and multiplier does not seem to return results as expected. This could affect all other variables dependent on them. Proof of Concept These affect the function...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.19 views

An malicious user can mint a huge amount of BYTES 2.0 tokens for himself

Lines of code Vulnerability details Impact An attacker can mint a huge amount of BYTES 2.0 tokens for himself. Additionally, the rewards system can be permanently damaged by making the pool.totalPoints a huge number, not reflecting the actual state of the system. Proof of Concept There are two co...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/15 12:0 a.m.11 views

User can cause the points of their LP stake position to underflow

Lines of code Vulnerability details Impact This vulnerability allows a user to cause their LP position points to underflow which will then allow a user to receive a massively disproportionate amount of the emission rewards relative to their stake because they now practically have an infinite amou...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/25 12:0 a.m.18 views

Upgraded Q -> M from #229 [1674661320954]

Judge has assessed an item in Issue 229 as M risk. The relevant finding follows: Centralization Risk Contract: Impact: It seems the poolAdmin holds too much power including changing reward controller, rescue tokens etc. This can allow poolAdmin to impact all users by changing the config or draini...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/22 12:0 a.m.13 views

Upgraded Q -> M from #268 [1674418407759]

Judge has assessed an item in Issue 268 as M risk. The relevant finding follows: L-02 Front running attacks by the owner Project has one possible attack vectors by the onlyOwner: dao.Fees , burnsFees , referralFees , botFees variable; It determines the fees rate The default deposit fees equal zer...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.10 views

lastResortTimelockOwnerClaimNFT() can retrieve the token although drawing is in progress

Lines of code Vulnerability details Impact owner can retrieve the token although drawing is in progress Proof of Concept lastResortTimelockOwnerClaimNFT Be used in: " If no users ultimately claim the NFT, the admin specifies a timelock period after which they can retrieve the raffled NFT. " But i...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.12 views

Admin can withdraw the NFT before the winner timelock ends

Lines of code Vulnerability details Impact The admin could set recoverTimelock before drawBufferTime , thus he can withdraw the NFT before the winner Draw buffer time ends. Proof of Concept The drawBufferTime need to be more then an hour and less then a month and the recoverTimelock need to be at...

6.7AI score
Exploits0
Rows per page
Query Builder