Open hats-bug-reporter[bot] opened 3 months ago
duplicate #24 @0xmahdirostami @0xRizwan
I would like to clarify that issue #87 is not a duplicate of issue #24.
any valid safe
to add itself to any organization without proper permissions.
bypassing
isSafe checks by creating a custom contract that mimics a safe
, allowing unauthorized contracts to exploit the system.These issues are distinct and address different security vulnerabilities
thank you i think it's duplicate of issue #46. the root casue of this issue: addresses the lack of authorization checks in the addSafe function, allowing any valid safe to add itself to any organization without proper permissions.
issue #46, The function allows the caller (a safe) to add it to an organisation.
Given this, anyone can stuff any given org to the TreeDepthLimit with Safes they don't want.
There is no issue with this, the new added safe does not have any control over other safes, and the root and super safe do have control over it.
Github username: -- Twitter username: -- Submission hash (on-chain): 0x502694a977b0b4659d5341adbcaabf4be8294cbd97fd5baa9abf6df97349c7a5 Severity: high
Description: Description\ The
addSafe
function in the PalmeraModule contract allows any safe to call this function and add itself to an organization, provided it has a valid superSafeId. This lack of restriction can lead to unauthorized safes being added to an organization, potentially compromising the security and integrity of the organization. Attack Scenario\ An attacker can exploit this vulnerability by calling the addSafe function with a valid superSafeId and adding their own safe to the organization. This can be done without any checks on the caller's permissions, allowing the attacker to become part of the organization without proper authorization.Attachments
To fix this issue, add a check to ensure that only authorized roles (e.g., root safe or super safe) can call the addSafe function