Vulnerability Description
The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near that contract's land, because those purchase attempts will not be completed unless the doPayouts() function successfully sends Ether to certain neighbors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Megacryptopolis | Megacryptopolis | - |
Related Weaknesses (CWE)
References
- https://medium.com/coinmonks/denial-of-service-dos-attack-on-megacryptopolis-an-Broken Link
- https://medium.com/coinmonks/denial-of-service-dos-attack-on-megacryptopolis-an-Broken Link
FAQ
What is CVE-2018-13877?
CVE-2018-13877 is a vulnerability with a CVSS score of 7.5 (HIGH). The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always caus...
How severe is CVE-2018-13877?
CVE-2018-13877 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-13877?
Check the references section above for vendor advisories and patch information. Affected products include: Megacryptopolis Megacryptopolis.