Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Account compromise in Evmos
Vulnerability Description
Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. In versions of evmos prior to 2.0.1 attackers are able to drain unclaimed funds from user addresses. To do this an attacker must create a new chain which does not enforce signature verification and connects it to the target evmos instance. The attacker can use this joined chain to transfer unclaimed funds. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
认证机制不恰当
Vulnerability Title
Evmos 授权问题漏洞
Vulnerability Description
Evmos是一个可扩展、高吞吐量的权益证明区块链。用于与以太坊完全兼容和互操作。 Evmos存在安全漏洞,该漏洞源于攻击者利用该漏洞能够从用户地址中抽走无人认领的资金。
CVSS Information
N/A
Vulnerability Type
N/A