## https://sploitus.com/exploit?id=SAINT:5C4C9088A2942BDF0473C59CB4458D5C
Added: 10/21/2021
### Background
Apache HTTP Server is an HTTP server implementation for Linux and Windows.
### Problem
A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled.
### Resolution
Upgrade to Apache HTTP Server 2.4.51 or higher.
### References
https://httpd.apache.org/security/vulnerabilities_24.html
### Limitations
Exploit works on Linux targets. CGI scripts must be enabled for the /cgi-bin/ path in order for this exploit to succeed. Targets that have the default "require all denied" configuration are not vulnerable.
### Platforms
Linux