Improper Access Control
| Property | |
|---|---|
| Language | solidity |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| Confidence Level | Medium |
| Impact Level | High |
| Likelihood Level | Low |
Description#
The sweepToken function lacks proper access control, allowing anyone to call it and transfer tokens from the contract. This exposes critical contract assets to unauthorized users.
Impact#
If exploited, an attacker could drain tokens held by the contract, leading to significant financial losses. This can undermine user trust, disrupt protocol operations, and result in irrecoverable asset theft from the platform.