RSS   Vulnerabilities for 'Node token'   RSS

2018-06-25
 
CVE-2018-12080

CWE-284
 

 
The mintToken function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

 
 
CVE-2018-12063

CWE-284
 

 
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

 


Copyright 2019, cxsecurity.com

 

Back to Top