PT-2023-15616 · Uniswap · Uniswap Universal Router

Published

2022-11-29

Updated

2025-04-10

CVE-2022-48216

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Uniswap Universal Router versions prior to 1.1.0

Description The issue concerns the mishandling of reentrancy in the Uniswap Universal Router, which could have allowed the theft of funds.

Recommendations For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Uniswap Universal Router until the update is applied.

Exploit

Fix

Incorrect Authorization

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-667

Related Identifiers

BDU:2025-05228

CVE-2022-48216

GHSA-7M37-CX35-QGMR

Affected Products

Uniswap Universal Router

PT-2023-15616 · Uniswap · Uniswap Universal Router

CVE-2022-48216

Weakness Enumeration

Related Identifiers

Affected Products

References · 12