Remote Attack via Owned.setOwner Function
CVE-2024-51424

9.8CRITICAL

Key Information:

Vendor: Ethereum
Status: PepeGxng Smart Contract
Vendor: CVE Published:; 30 October 2024

What is CVE-2024-51424?

A flaw in the PepeGxng smart contract enables remote attackers to influence functionality via the Owned.setOwner function, raising concerns about potential misuse. The ramifications of this vulnerability remain a subject of debate among security experts, particularly regarding the extent of the impact which appears constrained to function calls.

References

https://github.com/Wzy-source/Gala/blob/main/CVEs/AURA_0x...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2024

CVE-2024-51424 Data

JSON

Ethereum

What is CVE-2024-51424?

References

CVSS V3.1

Timeline