CVE-2025-54321

CRITICAL

Ascertia SigningHub <= 8.6.8 - Authenticated Email Bombing via Password Reset Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-54321. PoCs published by saykino.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2025-54321, an email bombing vulnerability in Ascertia SigningHub's reset password function due to lack of rate limiting. It includes affected versions, mitigations, and vulnerability details but lacks functional exploit code.

Description

In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating reset password requests.

Exploits (1)

nomisec WRITEUP

by saykino · poc

https://github.com/saykino/CVE-2025-54321

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2025-54321, an email bombing vulnerability in Ascertia SigningHub's reset password function due to lack of rate limiting. It includes affected versions, mitigations, and vulnerability details but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Ascertia SigningHub <= 8.6.8

Auth required

Prerequisites: Authenticated access to the reset password function

MITRE ATT&CK

T1499.003 - Application Exhaustion Flood

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory

https://github.com/saykino/CVE-2025-54321

Vendor Advisory

https://www.ascertia.com/company/vulnerability-disclosure-policy/

Scores

CVSS v3 9.8

EPSS 0.0040

EPSS Percentile 31.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-799

Status published

Products (1)

ascertia/signinghub < 8.6.8

Published Nov 18, 2025

Tracked Since Feb 18, 2026