No Protection of Uninitialized Implementation Contracts From Attacker
Summary
Missing _disableInitializers function in the constructor to prevent the implementation contract from being used by the attacker.
Vulnerability Detail
In the contracts implement Openzeppelin’s UUPS model, uninitialized implementation contract can be taken over by an attacker with initialize function, it’s recommended to invoke the _disableInitializers function in the constructor to prevent the implementation contract from being used by the attacker.
Impact
Attacker can call the initialize function and set variable values of his choice which would cause the attacker to even steal funds.
PratRed
medium
No Protection of Uninitialized Implementation Contracts From Attacker
Summary
Missing
_disableInitializers
function in the constructor to prevent the implementation contract from being used by the attacker.Vulnerability Detail
In the contracts implement Openzeppelin’s UUPS model, uninitialized implementation contract can be taken over by an attacker with initialize function, it’s recommended to invoke the
_disableInitializers
function in the constructor to prevent the implementation contract from being used by the attacker.Impact
Attacker can call the initialize function and set variable values of his choice which would cause the attacker to even steal funds.
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/TitlesCore.sol#L32
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/graph/TitlesGraph.sol#L17
Tool used
Manual Review
Recommendation
Invoke _disableInitializers in the constructors of contracts
Duplicate of #272