Medium severity6.5NVD Advisory· Published Jun 19, 2019· Updated Jun 17, 2026
CVE-2018-18425
CVE-2018-18425
Description
The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token's total supply, which lets the owner of the contract issue an arbitrary amount of currency. (Increasing the total supply by using 'doAirdrop' ignores the hard cap written in the contract and devalues the token.)
Affected products
2- Primeo/Primeodescription
Patches
Vulnerability mechanics
References
2- www.jianshu.com/p/09f238e9e568nvdExploitPatchThird Party Advisory
- etherscan.io/address/0x21a8a03b34e053f9b1d4545213d9d1d411a9d449nvdThird Party Advisory
News mentions
0No linked articles in our index yet.