CVE-2025-56219

High CVSS: 7.1

Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limiting. This can lead to a resource exhaustion and a Denial of Service (DoS) when an excessively large number of user accounts are created.

Vendor

Ascertia

Product

Signinghub

CWE

CWE-284

Yayın Tarihi

2025-10-20 13:15:44

Güncelleme

2025-10-27 13:54:17

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 Signinghub HIGH Ascertia 2025

Referanslar

http://ascertia.com http://signinghub.com https://github.com/saykino/CVE-2025-56219

Benzer Kayıtlar

Critical

CVE-2025-54321

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an ema…

Medium

CVE-2025-54320

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email…

High

CVE-2025-56223

A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Den…

High

CVE-2025-56224

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to by…

Critical

CVE-2025-56218

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a c…

Critical

CVE-2025-56221

A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brut…