CVE-2018-12885

CVE-2018-12885

The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a private variable, (which can be read with a getStorageAt call). Therefore, attackers can get powerful champs/items and get rewards.

Source: CVE-2018-12885

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다