NiceHash Miner before Improper Input Validation Vulnerability


An issue was discovered in NiceHash Miner before A missing rate limit while adding a wallet via Email address allows remote attackers to submit a large number of email addresses to identify valid ones.


The information has been provided by Vendor

The original article can be found at:



By exploiting this vulnerability with  (Username Enumeration) an adversary can enumerate a large number of valid users’ Email addresses.


Vulnerable Systems:

NiceHash Miner before


CVE Information:



Disclosure Timeline:
Published Date:11/6/2019