Security Advisory

CVE-2018-12885

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-08-07 15:00:00

Last updated 2024-08-05 08:45:02

Assigner mitre

State PUBLISHED

Description

The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a private variable, (which can be read with a getStorageAt call). Therefore, attackers can get powerful champs/items and get rewards.

← Browse all CVEs View on cve.org ↗