I tried to report these vulnerabilities to ImmuneFi, but they closed it (report 62070) as "out of scope." I believe them when they tell me something is out of scope, so now it's public.
https://github.com/raydium-io/raydium-cp-swap/pull/62

These vulnerabilities collectively enable fee theft, creator fee hijacking, and potential user exploitation through uncapped fee rates. Issue #3 allows attackers to steal all creator fees from pools they didn't create by exploiting the UncheckedAccount validation gap. I think the PoC speaks for itself.

P.S. If anyone would like to show their appreciation, 0x24750B6b6B85dc01a4deCF764a999702550ccAe3 is my wallet address.

Happy holidays, hackers!

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
