Insecure Ownership Transfer Vulnerability in Cryptbond Network (CBN) Smart Contract

Insecure Ownership Transfer Vulnerability in Cryptbond Network (CBN) Smart Contract

CVE-2018-19831 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

The ToOwner() function of a smart contract implementation for Cryptbond Network (CBN), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Learn more about our Network Penetration Testing.