Access Control Vulnerability in Farm Smart Contract Implementation of Seal Finance

CVE-2021-3006 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an Ethereum token, lacks access control and thus allows price manipulation, as exploited in the wild in December 2020 and January 2021.

Learn more about our Web Application Penetration Testing UK.