CVE-2025-45237

Published: May 5, 2025

Modified: May 6, 2025

PUBLISHED

Description

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/86dbs/dbsyncer

https://gist.github.com/chao112122/11cd0cc46f0c806856f375f9f3f410c6

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-45237

Description

Affected Products

References