Apache ShenYu, an asynchronous, high-performance, cross-language, responsive API gateway from the Apache Foundation, is vulnerable to an access control error in Apache ShenYu versions 2.4.0 and 2.4.1, which stems from a lack of authentication in ShenYu Admin when registering via HTTP. An attacker could exploit this vulnerability to cause unauthorized access to system data or functionality.