📦

smartmesh

Vendor: smartmesh

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.31% Exploit Prob.

Latest CVE CVE-2018-10769 Aug 10

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2018-10769

The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT).

EPSS: 0.34%

Severity: HIGH

Aug 10, 2018

7.5 CVSS

CVE-2018-10376

Exploit Found

An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue.

EPSS: 0.27%

Severity: HIGH

Apr 25, 2018

Displaying 2 of 1 Total Entries

Total 1 Sections