CVE-2025-45237 — Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password. — CVE Database · The Intelligence Room