Exploit for Path Traversal in Apache Http Server CVE-2021-41773

Name: Exploit for Path Traversal in Apache Http Server CVE-2021-41773
Rating: 5 (124 reviews)

2021-10-18 | CVSS 4.3

## https://sploitus.com/exploit?id=BF9B0898-784E-5B5E-9505-430B58C1E6B8
# CVE-2021-41773 and CVE-2021-42013 Lab Setup

## Setup 
```
$ git clone https://github.com/vulf/CVE-2021-41773_42013
$ cd CVE-2021-41773_42013
cd to the directory of your choice
$ docker build -t vuln_apache .
$ docker run -d vuln_apache
```
NOTE: The `httpd.conf` files are configured to be vulnerable to RCE by default. For only Path Traversal, read [this](https://github.com/vulf/CVE-2021-41773_42013#for-path-traversal-setup).

## For Path Traversal setup
* Comment the following line in `httpd.conf`
```
LoadModule cgid_module modules/mod_cgid.so
```