On November 23rd, Port3 Network officials posted on social media that PORT3 adopted CATERC20, a cross-chain token scheme of the Nexa network, to support multi-chain development, but the scheme had a boundary condition verification vulnerability. After the ownership of the coin was abandoned, the return value of the function happened to match the owner verification condition, resulting in the failure of permission verification, making unauthorized access possible. The vulnerability was not detect...
11月23日消息,Port3 Network 官方在社交媒体上发文表示,PORT3 为支持多链发展采用了 Nexa 网络的跨链代币方案 CATERC20,但该方案存在边界条件验证漏洞。当代币所有权被放弃后,函数返回值恰好与所有者验证条件匹配,导致权限校验失效,使未授权访问成为可能。 该漏洞未在 CATERC20 审计报告中检出。由于 PORT3 代币此前为增强去中心化已放...