CVE-2018-10769

Name of the Vulnerable Software and Affected Versions SmartMesh (SMT) (affected versions not specified) First (FST) (affected versions not specified) GG Token (GG) (affected versions not specified) M2C Mesh Network (MTC) (affected versions not specified) M2C Mesh Network (mesh) (affected versions not specified) UG Token (UGT) (affected versions not specified)

Description The issue concerns the transferProxy and approveProxy functions in a smart contract implementation, which can be exploited for unauthorized transfer of digital assets due to replay attacks. This can occur when the same-named functions with the same signatures are used in other tokens.

Recommendations For SmartMesh (SMT), consider disabling the transferProxy and approveProxy functions until a patch is available. For First (FST), restrict access to the transferProxy and approveProxy functions to minimize the risk of exploitation. For GG Token (GG), avoid using the transferProxy and approveProxy functions in conjunction with other tokens until the issue is resolved. For M2C Mesh Network (MTC) and M2C Mesh Network (mesh), temporarily disable the transferProxy and approveProxy functions to prevent unauthorized transfers. For UG Token (UGT), restrict the use of the transferProxy and approveProxy functions to trusted sources only.