Vulnerability Description
The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
CVSS Score
7.5
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Swft | Swftcoin | - |
Related Weaknesses (CWE)
References
- https://etherscan.io/address/0x0bb217e40f8a5cb79adf04e1aab60e5abd0dfc1e#codeThird Party Advisory
- https://github.com/SwftCoins/SwftCoin/issues/1ExploitThird Party Advisory
- https://github.com/n0pn0pn0p/smart_contract_-vulnerability/blob/master/PolyAi.mdExploitThird Party Advisory
- https://etherscan.io/address/0x0bb217e40f8a5cb79adf04e1aab60e5abd0dfc1e#codeThird Party Advisory
- https://github.com/SwftCoins/SwftCoin/issues/1ExploitThird Party Advisory
- https://github.com/n0pn0pn0p/smart_contract_-vulnerability/blob/master/PolyAi.mdExploitThird Party Advisory
FAQ
What is CVE-2018-18666?
CVE-2018-18666 is a vulnerability with a CVSS score of 7.5 (HIGH). The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
How severe is CVE-2018-18666?
CVE-2018-18666 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18666?
Check the references section above for vendor advisories and patch information. Affected products include: Swft Swftcoin.