Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Petite Pewter Orangutan - TellerV2::setProtocolPausingManager missing access control modifier #69

Open
sherlock-admin4 opened this issue Dec 10, 2024 · 0 comments
Open

Petite Pewter Orangutan - TellerV2::setProtocolPausingManager missing access control modifier #69

sherlock-admin4 opened this issue Dec 10, 2024 · 0 comments

Comments

@sherlock-admin4
Copy link

Petite Pewter Orangutan

High

TellerV2::setProtocolPausingManager missing access control modifier

Summary

TellerV2::setProtocolPausingManager missing access control modifier

Root Cause

No response

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Because it has reinitializer so it can be called again and because it lacks an access control modifier an attacker can set him as _protocolPausingManager

PoC

TellerV2::setProtocolPausingManager

     function setProtocolPausingManager(         
        address _protocolPausingManager
    ) external reinitializer(10) {

         _setProtocolPausingManager(_protocolPausingManager);

    }

Mitigation

Add the correct access control modifier to it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin4