No permission checks defined to endpoints
Days in Operation:
100 pts each
Bitswift.cash allows people to conveniently participate in the token economy, providing an accessible interface interconnecting blockchains, leaving the user in control of their own personal digital information.
The critical vulnerability was reported to Immunefi by a community security researcher. As its name suggests, the bug could lead to unlimited mint of the BCAD tokens, which the hacker could then trade via liquidity pools to other tokens and empty them out.
Luckily, BitSwift was quick in acknowledging the bug, made a payout of $4,515 to the whitehat, and patched this critical web bug vulnerability.
The endpoints were protected by checking whether the user who requested the resource is admin or not. If the request was placed by a non-admin it would be rejected. However, our researcher was able to identify that the /bcad/credit endpoint did not have any permission checks on it, and they were therefore able to request it without incurring any errors.
By initiating the above HTTP request, any attacker could have the ability to mint an unspecified amount of tokens into their account. They can then clean out any open liquidity pools with the token by trading against them until no value is left.
DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.