Exploit for Path Traversal in Apache Http Server CVE-2021-41773

Name: Exploit for Path Traversal in Apache Http Server CVE-2021-41773
Rating: 5 (139 reviews)

2021-10-07 | CVSS 4.3

## https://sploitus.com/exploit?id=FF610CB4-801A-5D1D-9AC9-ADFC287C8482
# CVE-2021-41773

apache http server vulnerability (only works 2.4.49)

## requirement settings

httpd.conf

```
...
<IfModule mpm_prefork_module>
	LoadModule cgi_module modules/mod_cgi.so # uncomment this line
</IfModule>
...
<Directory />
    AllowOverride none
#    Require all denied # comment out this line or set `Require all granted`
</Directory>
...
```

## References

- https://attackerkb.com/topics/1RltOPCYqE/cve-2021-41773/rapid7-analysis