Vulnerabilities > CVE-2019-15078 - Unspecified vulnerability in Xbornid 20190529

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

xbornid

NVD

Published: 2020-12-30

Updated: 2021-01-04

Summary

An issue was discovered in a smart contract implementation for AIRDROPX BORN through 2019-05-29, an Ethereum token. The name of the constructor has a typo (wrong case: XBornID versus XBORNID) that allows an attacker to change the owner of the contract and obtain cryptocurrency for free.

Vulnerable Configurations

Part	Description	Count
Application	Xbornid Xbornid Xbornid - Xbornid Xbornid 2019-05-29	2

References

https://github.com/smsecgroup/SM-VUL/tree/master/typo-vul-00