Lucene search
K

30 matches found

OSV
OSV
added 2022/03/24 12:15 a.m.5 views

CVE-2021-31326

D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a crafted tokenid parameter to /goform/form2Reboot.cgi...

9.8CVSS5.8AI score0.02165EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/23 12:0 a.m.6 views

D-Link DIR-816 A2 授权问题漏洞

D-Link DIR-816 A2 is a wireless router from D-Link, Taiwan, China. D-Link DIR-816 A2 1.10 B05 is vulnerable to command injection, which can be exploited by attackers to arbitrarily reset the device to /goform/form2Reboot.cgi via the crafted tokenid parameter...

9.8CVSS5.6AI score0.02165EPSS
Exploits1References5
Code423n4
Code423n4
added 2022/01/06 12:0 a.m.5 views

merge can fail due to tokenId collisions

Handle cmichel Vulnerability details The XDEFIDistribution.merge function burns tokens, which decreases the ERC721Enumerable.totalSupply and the generateNewTokenId function returns a token ID as the concatenation of the points and totalSupply + 1: function generateNewTokenIduint256 points interna...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/06 12:0 a.m.14 views

merge() can cause lock to fail due to tokenId collision

Handle WatchPug Vulnerability details function generateNewTokenIduint256 points internal view returns uint256 tokenId // Points is capped at 128 bits max supply of XDEFI for 10 years locked, total supply of NFTs is capped at 128 bits. return points PoC 1. Alice lock 1 XDEFI for 7 days 3 times got...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/06 12:0 a.m.9 views

_generateNewTokenId can create collisions

Handle sirhashalot Vulnerability details Impact The ERC721 standard requires that "for any ERC-721 Contract, the pair contract address, uint256 tokenId must be globally unique" quoted from . However, the generateNewTokenId function can produce tokenId values that are not globally unique. This wou...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/05 12:0 a.m.8 views

More than one historical lock-position may be represented by a single tokenId

Handle onewayfunction Vulnerability details Impact More than one historical lock-position may be represented by a single tokenId, violating the "uniqueness" property claimed by the xdefi-distribution repo's README.md. Proof of Concept The README.md says: The NFT's score is embedded in the tokenId...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/04 12:0 a.m.9 views

_safeMint Will Fail Due To An Edge Case In Calculating tokenId Using The _generateNewTokenId Function

Handle leastwood Vulnerability details Impact NFTs are used to represent unique positions referenced by the generated tokenId. The tokenId value contains the position's score in the upper 128 bits and the index wrt. the token supply in the lower 128 bits. When positions are unlocked after expirin...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/14 12:0 a.m.11 views

PrizePool.awardExternalERC721() Erroneously Emits Events

Handle leastwood Vulnerability details Impact The awardExternalERC721 function uses solidity's try and catch statement to ensure a single tokenId cannot deny function execution. If the try statement fails, an ErrorAwardingExternalERC721 event is emitted with the relevant error, however, the faile...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/05/17 12:0 a.m.9 views

function transferERC721 does not reset nftApprovals if the msg.sender is a delegate

Handle paulius.eth Vulnerability details Impact When the sender is not the owner, the function transferERC721 checks that the sender has nftApprovals set to true. However, after doing the transfer, it does not reset it to false. Maybe that was intended here, but comparing to the function...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/05/07 12:0 a.m.8 views

Weak PRNG

Handle maplesyrup Vulnerability details Impact Using blockhash/blocknumber and randNone are subject to attack, particularly by malicious miners: This could be used to the behavior of getRandomTokenIdFromFund to cause a preferential TokenId to be returned. It allows for gaming of the system by...

6.8AI score
Exploits0
Rows per page
Query Builder