Critical Vulnerability: Unauthenticated Ownership Transfer in BOMBBA (BOMB) Smart Contract
CVE-2018-19834 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
The quaker function of a smart contract implementation for BOMBBA (BOMB), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function does not check the caller's identity.
Learn more about our Web Application Penetration Testing UK.