CVE-2025-54321 | THREATINT

Description

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating reset password requests.

PUBLISHED Reserved 2025-07-20 | Published 2025-11-18 | Updated 2025-11-19 | Assigner mitre

References

www.ascertia.com/company/vulnerability-disclosure-policy/

github.com/saykino/CVE-2025-54321

cve.org (CVE-2025-54321)

nvd.nist.gov (CVE-2025-54321)

Download JSON