SYM_SOL_0026 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language | solidity |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | High |
Description
A function in your smart contract allows anyone to call selfdestruct, which can permanently delete the contract and send its funds to an arbitrary address. This function lacks access control, so unauthorized users can trigger it.
Impact
If exploited, any user could destroy the contract, making all its code and data inaccessible and irreversibly transferring any remaining funds. This could result in total loss of assets and functionality for users and stakeholders.