Ethereum v.1.12.2 - Remote Privilege Escalation via _transfer Function
CVE-2024-51426

8.8HIGH

Key Information:

Vendor: Ethereum
Status: PepeGxng Smart Contract
Vendor: CVE Published:; 30 October 2024

What is CVE-2024-51426?

The PepeGxng smart contract, deployed on the Ethereum blockchain, contains a vulnerability within its _transfer function that may allow remote attackers to influence its operations. Although the impact of this vulnerability is contested by various third parties, it raises concerns about the potential for unauthorized function calls, which could compromise contract integrity and security. Users and developers are advised to review these concerns thoroughly.

References

https://github.com/Wzy-source/Gala/blob/main/CVEs/EOTT_0x...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2024

CVE-2024-51426 Data

JSON