## https://sploitus.com/exploit?id=SAINT:5C4C9088A2942BDF0473C59CB4458D5C
Added: 10/21/2021
### Background
[Apache HTTP Server](<http://httpd.apache.org/>) is an HTTP server implementation for Linux and Windows.
### Problem
A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled.
### Resolution
[Upgrade](<https://httpd.apache.org/download.cgi>) to Apache HTTP Server 2.4.51 or higher.
### References
<https://httpd.apache.org/security/vulnerabilities_24.html>
### Limitations
Exploit works on Linux targets. CGI scripts must be enabled for the /cgi-bin/ path in order for this exploit to succeed. Targets that have the default "require all denied" configuration are not vulnerable.
### Platforms
Linux