code-423n4 / 2022-12-prepo-findings

CWE-767 Access to Critical Private Variable via Public Method #212

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/prepo-io/prepo-monorepo/blob/3541bc704ab185a969f300e96e2f744a572a3640/packages/prepo-shared-contracts/contracts/AllowedMsgSenders.sol#L8

Vulnerability details

Impact

Private variable can be read from attack Solidity file.

Proof of Concept

Private variable on line 8: https://github.com/prepo-io/prepo-monorepo/blob/3541bc704ab185a969f300e96e2f744a572a3640/packages/prepo-shared-contracts/contracts/AllowedMsgSenders.sol#L8

Screendump PoC: https://github.com/gbadebosmith/ouch/blob/main/ReadablePrivateData20221212.jpg

Attack PoC: https://github.com/gbadebosmith/ouch/blob/main/AttackAllowedMsgSenders.sol

Tools Used

Remix IDE

Recommended Mitigation Steps

hansfriese commented 1 year ago

Is there any reason that users shouldn't know the allowed senders?

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Insufficient quality