code-423n4 / 2023-01-numoen-findings

Possibly Susceptible to Reentrancy Attack #208

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-numoen/blob/2ad9a73d793ea23a25a381faadc86ae0c8cb5913/src/core/Factory.sol#L2

Vulnerability details

Impact

Detailed description of the impact of this finding.

There is no protection against reentrancy attacks, which could allow an attacker to exploit the contract's logic by calling functions in the contract before the original call is completed.

Proof of Concept

To demonstrate the high-level vulnerability, a malicious contract calls the createLendgine function, and inside the Lendgine contract, the malicious contract is called again. This can be done until the contract runs out of gas, effectively freezing the contract and its funds.

c4-judge commented 1 year ago

berndartmueller marked the issue as unsatisfactory: Insufficient proof