SYM_SOL_0009 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language | solidity |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| Confidence Level | Medium |
| Impact Level | High |
| Likelihood Level | Low |
Description
The sweepToken function lacks proper access control, allowing anyone to call it and transfer tokens from the contract. This exposes critical contract assets to unauthorized users.
Impact
If exploited, an attacker could drain tokens held by the contract, leading to significant financial losses. This can undermine user trust, disrupt protocol operations, and result in irrecoverable asset theft from the platform.