QwikSec

Security Database

CVE

CWE

Training

CVE-2018-10769

Published: Aug 10, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/nkbai/defcon26/blob/master/docs/Replay%20Attacks%20on%20Ethereum%20Smart%20Contracts.md

x_refsource_MISC

[struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.