Access Control Vulnerability in Coinlancer (CL) Smart Contract Implementation
CVE-2018-17111 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. All contract users can access functions that use this onlyOwner modifier, because the comparison between msg.sender and owner is incorrect.
Learn more about our User Device Pen Test.