15,000 USDC
Submission Details
Severity: medium
Valid

Unchecked Price Range: A Potential Exploit in Chainlink Aggregator Use

Summary

The code checks for a stale price, but it does not check that the price falls within an expected range, which could lead to a malicious exploit.

Vulnerability Details

Chainlink aggregators have a built-in circuit breaker that triggers if the price of an asset goes outside a predetermined price band. As a result, if an asset experiences a huge drop in value (e.g. the LUNA crash), the oracle will continue to return minPrice instead of the actual price of the asset. This would allow users to continue using the asset at the wrong price. This is exactly what happened to Venus on BSC when LUNA imploded.

Impact

A malicious user might exploit the protocol if any of the tokens whose prices come from Chainlink is itself exploited. The trigger is therefore external and does not depend on the contract at all, but the contract can prevent its funds from being drained by enforcing min and max prices alongside the stale checks that are already present.

Tools Used

Manual review

Recommendations

Implement something like require(answer >= minPrice && answer <= maxPrice, "invalid price"); so that the contract does not get exploited if anything happens to any external tokens, as stated above.
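
One way to apply this recommendation next to a stale-price check, as an added example that is not code from the audited contract. The contract name BoundedPriceFeed, the maxDelay parameter and the deployer-chosen bounds are assumptions; the bounds are assumed to sit strictly inside the feed's own price band, so that a value pinned at the band's edge is rejected.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal subset of Chainlink's AggregatorV3Interface, declared inline
// so that this file compiles on its own.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical consumer contract: all names and parameters are illustrative.
contract BoundedPriceFeed {
    AggregatorV3Interface public immutable feed;
    int256 public immutable minPrice;   // lowest price the protocol accepts (feed decimals)
    int256 public immutable maxPrice;   // highest price the protocol accepts (feed decimals)
    uint256 public immutable maxDelay;  // maximum age of a round, in seconds

    constructor(address feed_, int256 minPrice_, int256 maxPrice_, uint256 maxDelay_) {
        require(feed_ != address(0), "zero feed");
        // Assumption: the deployer picks bounds strictly inside the feed's band,
        // so an answer clamped at the band's floor or ceiling falls outside them.
        require(minPrice_ > 0 && minPrice_ < maxPrice_, "bad bounds");
        feed = AggregatorV3Interface(feed_);
        minPrice = minPrice_;
        maxPrice = maxPrice_;
        maxDelay = maxDelay_;
    }

    function getPrice() external view returns (uint256) {
        (, int256 answer, , uint256 updatedAt, ) = feed.latestRoundData();

        // Stale check: the round must exist and be recent enough.
        require(updatedAt != 0 && block.timestamp - updatedAt <= maxDelay, "stale price");

        // Range check from the recommendation: revert instead of pricing the
        // asset at a value outside the expected range.
        require(answer >= minPrice && answer <= maxPrice, "invalid price");

        // Safe cast: answer >= minPrice > 0 at this point.
        return uint256(answer);
    }
}
```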
