CVE-2025-56223
Modified Modified - Updated After Analysis

BaseFortify

Vulnerability report for CVE-2025-56223, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-20

Last updated on: 2026-07-05

Assigner: MITRE

Description

A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Denial of Service (DoS) via uploading an excessive number of files.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-20
Last Modified
2026-07-05
Generated
2026-07-06
AI Q&A
2025-10-20
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
ascertia signinghub to 8.6.8 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a lack of rate limiting in the /Home/UploadStreamDocument component of SigningHub version 8.6.8 and earlier. It allows attackers to upload an excessive number of files without restriction, which can overwhelm the system. [2]

Impact Analysis

The vulnerability can lead to a Denial of Service (DoS) by exhausting system resources such as disk space and increasing server load. This results in degraded system performance or complete unavailability of the SigningHub service. [2]

Detection Guidance

This vulnerability can be detected by monitoring for an unusually high number of file upload requests to the /Home/UploadStreamDocument API endpoint. Network or system logs showing rapid, repeated uploads from the same source may indicate exploitation attempts. Commands to detect this could include using web server access logs analysis, for example: 1) Using grep to filter upload requests: grep "/Home/UploadStreamDocument" /var/log/nginx/access.log 2) Counting requests per IP: grep "/Home/UploadStreamDocument" /var/log/nginx/access.log | awk '{print $1}' | sort | uniq -c | sort -nr 3) Using network monitoring tools like tcpdump or Wireshark to capture traffic to the affected endpoint. Specific commands depend on your environment and logging setup. [2]

Mitigation Strategies

Immediate mitigation steps include implementing rate limiting or throttling on the /Home/UploadStreamDocument API to restrict the number of file uploads per user or IP address. Additionally, upgrading SigningHub to a version later than 8.6.8 where the vulnerability is fixed is recommended. Monitoring and alerting on unusual upload activity can also help mitigate potential exploitation. [2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-56223. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart