CVE-2025-56224

High CVSS: 8.1

A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.

Vendor

Ascertia

Product

Signinghub

CWE

CWE-307

Yayın Tarihi

2025-10-20 13:15:44

Güncelleme

2025-10-27 13:45:04

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-307 Signinghub HIGH Ascertia 2025

Referanslar

http://ascertia.com http://signinghub.com https://github.com/saykino/CVE-2025-56224

Benzer Kayıtlar

Critical

CVE-2025-54321

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an ema…

Medium

CVE-2025-54320

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email…

High

CVE-2025-56219

Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limitin…

High

CVE-2025-56223

A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Den…

Critical

CVE-2025-56218

An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a c…

Critical

CVE-2025-56221

A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brut…