Ether Cartel Smart Contract Vulnerability: CEO Takeover and Asset Manipulation

Ether Cartel Smart Contract Vulnerability: CEO Takeover and Asset Manipulation

CVE-2018-11329 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets (including Ether balance and tokens) might be manipulated by the attackers, as exploited in the wild in May 2018.

Learn more about our Web Application Penetration Testing UK.