CVEs-PoC/2020/CVE-2020-13937.md

CVE-2020-13937

Description

Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.

POC

Reference

No PoCs from references.

Github

• https://github.com/0day404/vulnerability-poc
• https://github.com/20142995/Goby
• https://github.com/20142995/pocsuite3
• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates
• https://github.com/Al1ex/CVE-2020-13937
• https://github.com/ArrestX/--POC
• https://github.com/EdgeSecurityTeam/Vulnerability
• https://github.com/Elsfa7-110/kenzer-templates
• https://github.com/H4ckTh3W0r1d/Goby_POC
• https://github.com/HimmelAward/Goby_POC
• https://github.com/KayCHENvip/vulnerability-poc
• https://github.com/Miraitowa70/POC-Notes
• https://github.com/SexyBeast233/SecBooks
• https://github.com/StarCrossPortal/scalpel
• https://github.com/Threekiii/Awesome-POC
• https://github.com/Z0fhack/Goby_POC
• https://github.com/amcai/myscan
• https://github.com/anonymous364872/Rapier_Tool
• https://github.com/apif-review/APIF_tool_2024
• https://github.com/bigblackhat/oFx
• https://github.com/d4n-sec/d4n-sec.github.io
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/kailing0220/CVE-2020-13937
• https://github.com/merlinepedra/nuclei-templates
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/openx-org/BLEN
• https://github.com/sobinge/nuclei-templates
• https://github.com/soosmile/POC
• https://github.com/trganda/starrlist
• https://github.com/tzwlhack/Vulnerability
• https://github.com/xinyisleep/pocscan
• https://github.com/yaunsky/CVE-2020-13937
• https://github.com/youcans896768/APIV_Tool