Exploit for Path Traversal in Apache Http Server CVE-2021-41773

Name: Exploit for Path Traversal in Apache Http Server CVE-2021-41773
Rating: 5 (524 reviews)

2021-11-04 | CVSS 4.3

## https://sploitus.com/exploit?id=86360765-0B1A-5D73-A805-BAE8F1B5D16D
# CVE-2021-41773-Playground
Some docker images to play with CVE-2021-41773 and CVE-2021-42013

run `docker compose up -d` to spin up all the containers.

Servers will run on ports 8080, 8081, 8082, and 8083.

- 8080 contains an Apache 2.4.49 with CGI disabled.
- 8081 contains an Apache 2.4.49 with CGI enabled.
- 8082 contains an Apache 2.4.50 with CGI disabled.
- 8083 contains an Apache 2.4.50 with CGI enabled.

There are some flags on each server at /flag.txt See if you can grab them :)

There is a special flag hidden on the server on 8083 which requires a reverse shell (in principle)