SYM_SOL_0008 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Enforcement of a Single, Unique Action
Property | Value |
---|---|
Language | solidity |
Severity | |
CWE | CWE-837: Improper Enforcement of a Single, Unique Action |
Confidence Level | Low |
Impact Level | High |
Likelihood Level | Medium |
Description
A function that relies on a fixed msg.value can be called multiple times in a single transaction when used with batch or multicall contracts. Each batched sub-call observes the same msg.value even though the ether was sent only once, so the function could incorrectly process the same payment more than once, leading to unintended behavior.
Impact
An attacker could exploit this by making multiple calls with the same msg.value, potentially draining funds, duplicating actions, or bypassing payment logic. This can result in significant financial loss or manipulation of contract state, putting user assets and the application's integrity at risk.
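Example
The pattern described above next to one way to harden it. This is an added illustration, not code from the Symbiotic rule or database; the contract names, the function names and the 1 ether price are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: all contract and function names are hypothetical.
contract VulnerableSale {
    uint256 public constant PRICE = 1 ether;
    mapping(address => uint256) public units;

    // VULNERABLE: payable batch entry point. delegatecall preserves msg.sender
    // and msg.value, so every sub-call sees the full amount although the
    // ether reached the contract only once.
    function multicall(bytes[] calldata calls) external payable {
        for (uint256 i = 0; i < calls.length; i++) {
            (bool ok, ) = address(this).delegatecall(calls[i]);
            require(ok, "subcall failed");
        }
    }

    function buy() external payable {
        require(msg.value == PRICE, "wrong payment"); // true on each sub-call
        units[msg.sender] += 1;
    }
}

contract HardenedSale {
    uint256 public constant PRICE = 1 ether;
    mapping(address => uint256) public units;

    // Non-payable batch: a call carrying ether reverts, and inside the loop
    // msg.value is 0, so buy() cannot pass its payment check from a batch.
    function multicall(bytes[] calldata calls) external {
        for (uint256 i = 0; i < calls.length; i++) {
            (bool ok, ) = address(this).delegatecall(calls[i]);
            require(ok, "subcall failed");
        }
    }

    // Quantity is explicit and priced against the ether actually sent,
    // so one payment maps to exactly one accounting step.
    function buy(uint256 quantity) external payable {
        require(quantity > 0 && msg.value == PRICE * quantity, "wrong payment");
        units[msg.sender] += quantity;
    }
}
```

When reviewing a finding from this rule, check whether any payable function that reads msg.value is reachable from a payable loop or batch dispatcher in the same contract or an inherited one.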