## https://sploitus.com/exploit?id=F463914D-1B20-54CA-BF87-EA28F3ADE2A3
# CVE-2021-41773 - RCE Apache version 2.4.49/2.4.50
CVE-2021-41773 is a critical security vulnerability that affects the Apache HTTP Server versions 2.4.49 and 2.4.50. This vulnerability exposes the server to both Path Traversal and Remote Code Execution (RCE) attacks, potentially allowing malicious actors to gain unauthorized access to the system and execute arbitrary code remotely.
# Vulnerability Details
CVE ID: CVE-2021-41773
CVSS Score: 9.8 (Critical)
Affected Versions: Apache HTTP Server 2.4.49/2.4.50
Attack Vector: Remote
Exploit Complexity: Low
Authentication: None required
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
Attack Type: Path traversal
# Proof-of-Concept (PoC) Exploit
For the purposes of demonstrating the Remote Code Execution (RCE) part of this vulnerability, a Proof-of-Concept (PoC) exploit has been developed. However, please note that this PoC focuses solely on showcasing the RCE aspect and does not cover the entire vulnerability.
To protect users from potential abuse of this PoC exploit, it is highly recommended that administrators urgently update their Apache HTTP Server installations to version 2.4.51 or the latest available release.
# Disclaimer
The PoC exploit provided here is intended strictly for educational and informational purposes. The author assumes no liability for any misuse, damage, or unlawful access that may arise from the use of this PoC exploit. It is strongly advised to use this information responsibly and solely in controlled environments with appropriate authorization. Always seek the necessary permissions and adhere to applicable laws and regulations before conducting any security testing.