s0x0mtee - Anyone can register themselves or any address to any profile and delete the address of the owners of those profiles (including Owner's profile) they choose without even having a profile. #253
Anyone can register themselves or any address to any profile and delete the address of the owners of those profiles (including Owner's profile) they choose without even having a profile.
Summary
registerAddress() has no check to ensure profileIdByAddress(msg.sender) != 0 hence attackers(or even regular users ) can hijack other peoples profiles and registering their addresses to that profile. All they need is to know the profileId of the profile they want to hijack. Which can lead to lots and lots spam reviews and votes, which would reduce the integrity of the protocol.
s0x0mtee
High
Anyone can register themselves or any address to any profile and delete the address of the owners of those profiles (including Owner's profile) they choose without even having a profile.
Summary
registerAddress()has no check to ensureprofileIdByAddress(msg.sender) != 0hence attackers(or even regular users ) can hijack other peoples profiles and registering their addresses to that profile. All they need is to know theprofileIdof the profile they want to hijack. Which can lead to lots and lots spam reviews and votes, which would reduce the integrity of the protocol.Root Cause
callerofregisterAddress()is registered to thatprofileIdhttps://github.com/sherlock-audit/2024-10-ethos-network/blob/main/ethos/packages/contracts/contracts/EthosProfile.sol#L373-L409Internal pre-conditions
registerAddress()External pre-conditions
Attack Path
registerAddress()with any valid profileId.Impact
PoC
No response
Mitigation
No response