The ToOwner() function of a smart contract implementation for Cryptbond Network (CBN), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.
References
Configurations
History
21 Nov 2024, 03:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/SmartContractResearcher/SmartContractSecurity/blob/master/New%20Vulnerabilities%20Allow%20Anyone%20to%20Own%20Certain%20ERC20-Based%20Smart%20Contracts%28CVE-2018-19830%2C%20CVE-2018-19831%2C%20CVE-2018-19832%2C%20CVE-2018-19833%2C%20CVE-2018-19834%29/README.md - |
07 Nov 2023, 02:55
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2019-12-31 16:15
Updated : 2024-11-21 03:58
NVD link : CVE-2018-19831
Mitre link : CVE-2018-19831
CVE.ORG link : CVE-2018-19831
JSON object : View
Products Affected
cryptbond_network_project
- cryptbond_network
CWE
CWE-287
Improper Authentication