exploitDog

CVE-2022-48216

Опубликовано: 04 янв. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds.

Ссылки

https://github.com/Uniswap/universal-router/commit/d82c6685ef566d9b280651c99f4b93a8454c08a8
Patch
Third Party Advisory
https://github.com/Uniswap/universal-router/compare/v1.0.1...v1.1.0
Release Notes
Third Party Advisory
https://github.com/Uniswap/universal-router/pull/189
Patch
Third Party Advisory
https://media.dedaub.com/uniswap-bug-bounty-1625d8ff04ae
Exploit
Third Party Advisory
https://twitter.com/dedaub/status/1610058814094450694
Third Party Advisory
https://github.com/Uniswap/universal-router/commit/d82c6685ef566d9b280651c99f4b93a8454c08a8
Patch
Third Party Advisory
https://github.com/Uniswap/universal-router/compare/v1.0.1...v1.1.0
Release Notes
Third Party Advisory
https://github.com/Uniswap/universal-router/pull/189
Patch
Third Party Advisory
https://media.dedaub.com/uniswap-bug-bounty-1625d8ff04ae
Exploit
Third Party Advisory
https://twitter.com/dedaub/status/1610058814094450694
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:uniswap:universal_router_firmware:*:*:*:*:*:*:*:*

Версия до 1.1.0 (исключая)

cpe:2.3:h:uniswap:universal_router:-:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.0041

Низкий

7.5 High

CVSS3

Дефекты

CWE-667

CWE-667

Связанные уязвимости

GHSA-7m37-cx35-qgmr

CVSS3: 7.5

github

около 3 лет назад

Uniswap Universal Router Incorrect Authorization vulnerability

BDU:2025-05228

CVSS3: 7.5

fstec

около 3 лет назад

Уязвимость микропрограммного обеспечения маршрутизатора Uniswap Universal Router, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 61%

0.0041

Низкий

7.5 High

CVSS3

Дефекты

CWE-667

CWE-667