Old router approval not reset when setting a new router
Summary
In the setRouter function, a new router is set without resetting the approval for the old router. This can leave the old router with unlimited approval, posing a security risk.
Vulnerability Details
The setRouter function updates the router contract and sets a new approval for the updated router. However, it does not reset the approval for the old router, leaving it with unlimited access to the underlying token. If the old router becomes compromised or behaves maliciously, it could exploit this unrestricted approval.
In the current implementation, the old router retains approval to spend the underlying token, which is not explicitly revoked.
Impact
This vulnerability could lead to unintended token transfers by the old router if it becomes compromised or malicious. Attackers could exploit this to drain the contract's underlying token balance, causing significant financial loss.
Tools Used
Manual inspection.
Recommendations
To mitigate the risk, reset the approval for the old router before setting a new one. This ensures that no obsolete router retains token access.
This modification explicitly revokes the approval for the old router before updating to a new one, minimizing the risk of token mismanagement.
Appeal created
Old router approval is not revoked after an update
Old router approval is not revoked after an update
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.