Raydium CP Swap: Unchecked Account Allows Creator Fee Hijacking
好的,我现在需要帮用户总结一篇英文文章的内容,控制在100字以内。首先,我得仔细阅读用户提供的邮件内容,理解其中的主要信息。 邮件的开头是发件人LRKTBEYK报告了漏洞,但被ImmuneFi关闭,认为“范围之外”。接着,发件人提到这些漏洞允许费用盗窃、创作者费用劫持和潜在的用户利用,特别是问题#3允许攻击者通过UncheckedAccount验证漏洞窃取创作者费用。最后,发件人提供了自己的钱包地址,并祝大家节日快乐。 接下来,我需要将这些信息浓缩到100字以内。要抓住关键点:漏洞报告被拒、漏洞导致的后果、具体的问题描述以及发件人的联系方式。 可能的结构是:发件人报告漏洞被拒,导致费用盗窃和创作者费用劫持,问题#3允许攻击者窃取费用,并提供钱包地址。 现在,组织语言:用户希望总结内容直接描述文章内容,不需要特定开头。所以直接写关键点即可。 最后检查字数是否在限制内,并确保信息准确传达。 </think> 发件人报告了Raydium CP Swap中的漏洞未被ImmuneFi采纳后公开披露,指出这些漏洞可能导致费用盗窃、创作者费劫持等问题,其中问题#3允许攻击者通过UncheckedAccount验证漏洞窃取池创作者费用。 2025-12-18 06:52:12 Author: seclists.org(查看原文) 阅读量:6 收藏
fulldisclosure logo

Full Disclosure mailing list archives

From: LRKTBEYK LRKTBEYK <llrktbeyk () gmail com>
Date: Wed, 17 Dec 2025 10:12:24 -0500
I tried to report these vulnerabilities to ImmuneFi, but they closed it
(report 62070) as "out of scope." I believe them when they tell me
something is out of scope, so now it's public.

https://github.com/raydium-io/raydium-cp-swap/pull/62

These vulnerabilities collectively enable fee theft, creator fee hijacking,
and potential user exploitation through uncapped fee rates. Issue #3 allows
attackers to steal all creator fees from pools they didn't create by
exploiting the UncheckedAccount validation gap.

I think the PoC speaks for itself.

P.S. If anyone would like to show their
appreciation, 0x24750B6b6B85dc01a4deCF764a999702550ccAe3 is my wallet
address.

Happy holidays, hackers!
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

  • Raydium CP Swap: Unchecked Account Allows Creator Fee Hijacking LRKTBEYK LRKTBEYK (Dec 17)

文章来源: https://seclists.org/fulldisclosure/2025/Dec/24
如有侵权请联系:admin#unsafe.sh