code-423n4 / 2023-12-autonolas-findings


Functions that send Ether to arbitrary destinations #457

Status: Closed (c4-bot-8 closed this issue 8 months ago)

c4-bot-8 commented 9 months ago

Lines of code

https://github.com/code-423n4/2023-12-autonolas/blob/2a095eb1f8359be349d23af67089795fb0be4ed1/registries/contracts/multisigs/GnosisSafeMultisig.sol#L106C7-L106C101?plain=1#L1

Vulnerability details

Impact

Unprotected call to a function sending Ether to an arbitrary address.

Dangerous calls:

GnosisSafe.handlePayment(uint256,uint256,uint256,address,address)

Tools Used

Manual auditing, line by line

Recommended Mitigation Steps

Ensure that an arbitrary user cannot withdraw unauthorized funds.

Assessed type

call/delegatecall

c4-pre-sort commented 9 months ago

alex-ppg marked the issue as insufficient quality report

c4-sponsor commented 8 months ago

kupermind (sponsor) disputed

c4-judge commented 8 months ago

dmvt marked the issue as unsatisfactory: Insufficient quality