Unauthenticated Ownership Transfer Vulnerability in DDQ Token Smart Contract

Unauthenticated Ownership Transfer Vulnerability in DDQ Token Smart Contract

CVE-2018-19833 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

The owned function of a smart contract implementation for DDQ, an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.

Learn more about our Web Application Penetration Testing UK.