CVE-2018-18425

Name of the Vulnerable Software and Affected Versions Primeo (PEO) smart contract implementation (affected versions not specified)

Description The issue concerns the doAirdrop function in the smart contract implementation, which fails to validate the numerical relationship between the airdrop amount and the token's total supply. This allows the contract owner to issue an arbitrary amount of currency, effectively increasing the total supply beyond the hard cap defined in the contract and devaluing the token.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.