CVE-2018-13877

HIGH

MegaCryptoPolis - Denial of Service via doPayouts Function

Title source: llm
STIX 2.1

Description

The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near that contract's land, because those purchase attempts will not be completed unless the doPayouts() function successfully sends Ether to certain neighbors.

Scores

CVSS v3 7.5
EPSS 0.0105
EPSS Percentile 60.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (1)
megacryptopolis/megacryptopolis
Published Aug 06, 2018
Tracked Since Feb 18, 2026