CVE-2019-15078

Name of the Vulnerable Software and Affected Versions AIRDROPX BORN through 2019-05-29

Description An issue was discovered in the smart contract implementation of AIRDROPX BORN, an Ethereum token. The constructor name has a typo, with XBornID instead of XBORNID, allowing an attacker to change the contract owner and obtain cryptocurrency for free.

Recommendations For AIRDROPX BORN through 2019-05-29, consider disabling the contract until a patch is available to prevent exploitation of the typo in the constructor name. At the moment, there is no information about a newer version that contains a fix for this issue.