Apache 2.4.49/2.4.50 Traversal RCE
Title source: metasploit
Exploitation Summary
CVE-2021-41773 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns. EIP tracks 172 public exploits from researchers including Lucas Souza, blasty, and inbug-team. A Nuclei detection template is also available.
AI-analyzed exploit summary
This script exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, allowing remote code execution via crafted CGI requests. It sends a malicious curl request to traverse directories and execute arbitrary commands.
Description
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete; see CVE-2021-42013.
Exploits (172)
This script exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, allowing remote code execution via crafted CGI requests. It sends a malicious curl request to traverse directories and execute arbitrary commands.
This repository provides a Docker-based environment to test CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49. It includes examples for local file disclosure and remote code execution via crafted HTTP requests.
This repository provides a multithreaded tool for detecting and exploiting CVE-2021-41773 and CVE-2021-42013 vulnerabilities. It appears to be a scanner or detection tool rather than a full exploit PoC, as no exploit code is provided in the shared files.
This repository contains a bash script for scanning and exploiting CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49. The tool supports both single and mass target scanning, as well as remote command execution if MOD_CGI is enabled.
This repository contains a Python-based scanner for detecting Apache path traversal vulnerabilities, specifically CVE-2020-17519, CVE-2021-41773, and CVE-2021-42013. It includes modules for handling requests, threading, and file operations to test multiple targets efficiently.
This PoC checks if an Apache HTTP Server is vulnerable to CVE-2021-41773, a path traversal flaw in versions 2.4.49 and 2.4.50. It attempts to read a known file outside the document root to confirm vulnerability.
This repository provides a proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49 that can lead to remote code execution (RCE) via crafted HTTP requests. The payloads demonstrate directory traversal and command injection techniques.
This is a Python script that tests for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It attempts to read the /etc/passwd file by exploiting the vulnerability and checks if the target server is vulnerable.
This repository contains multiple Python scripts for exploiting CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The scripts include a mass scanner, an RCE exploit, and a manual command execution tool.
This repository provides vulnerable Docker images and PoC commands for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes configurations for both file read and remote code execution (RCE) scenarios.
This repository contains a mass vulnerability scanner for CVE-2021-41773 and CVE-2021-42013, targeting Apache 2.4.49 and 2.4.50. It uses GNU Parallel to check multiple targets for path traversal and command injection vulnerabilities.
This PoC exploits a path traversal vulnerability (CVE-2021-41773) and RCE (CVE-2021-42013) in Apache HTTP Server 2.4.49/2.4.50 by sending crafted requests to execute arbitrary commands or read files. The script automates the attack against a list of targets.
This repository contains a Python-based scanner for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The scripts attempt to read /etc/passwd via malformed URI paths to determine if a host is vulnerable.
This repository describes a QT C++ tool for exploiting CVE-2021-41773, a path traversal and command execution vulnerability in Apache HTTP Server. The tool includes features for vulnerability detection, directory traversal, command execution, and reverse shell functionality.
This repository contains a functional PoC for CVE-2021-41773 and CVE-2021-42013, targeting path traversal and remote code execution vulnerabilities in Apache HTTP Server 2.4.49-2.4.50. The exploit leverages crafted paths to bypass security checks and execute commands or read arbitrary files.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes a Docker setup to replicate the vulnerable environment and demonstrates how to exploit the flaw to read arbitrary files (e.g., /etc/passwd) using URL-encoded dot segments.
This repository contains a working PoC for CVE-2021-41773 and CVE-2021-42013, which are path traversal and RCE vulnerabilities in Apache HTTP Server 2.4.49 and 2.4.50. It includes Metasploit modules for scanning and exploitation, along with Docker setup instructions for testing.
This exploit leverages a directory traversal vulnerability in Apache 2.4.49 by sending a crafted HTTP GET request to access arbitrary files outside the web root. The script checks for vulnerability and retrieves the file content if successful.
This repository provides a proof-of-concept exploit for CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49 and 2.4.50 that can lead to remote code execution (RCE) under specific conditions. The exploit leverages the default '/cgi-bin/' mapping and requires mod_cgi to be enabled, along with specific permissions and executable binaries.
This Python script tests for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It attempts to read /etc/passwd via a crafted URI and checks for the presence of 'root' in the response.
This Go-based PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49/2.4.50, allowing arbitrary file reads and command execution via crafted requests to `/cgi-bin/.%2e/` endpoints.
This repository contains a Python script to check and exploit the Apache HTTP Server path traversal vulnerabilities CVE-2021-41773 and CVE-2021-42013. It includes functionality for both file reading and remote command execution (RCE) if CGI is enabled.
This repository provides a proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes detailed steps to exploit the vulnerability, achieving remote command execution (RCE) via CGI module manipulation and arbitrary file reads.
This repository provides a writeup and setup instructions for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes Docker setup for testing but does not contain actual exploit code.
This repository provides an NSE (Nmap Scripting Engine) script to scan for CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49. It does not include exploit code but offers a detection method via Nmap.
This repository contains a functional exploit for CVE-2021-41773 and CVE-2021-42013, targeting path traversal and RCE vulnerabilities in Apache HTTP Server versions 2.4.49 and 2.4.50. The exploit tests for both CGI and non-CGI configurations, leveraging path normalization flaws to read arbitrary files or execute commands.
This PoC exploits a path traversal vulnerability in Apache 2.4.49 by using URL-encoded dot-segment sequences to bypass normalization and access arbitrary files outside the web root. The example demonstrates reading /etc/hosts, confirming the vulnerability via a regex match for '127.0.0.1' and a 200 status code.
This repository contains a Python-based PoC and exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit allows reading arbitrary files (e.g., /etc/passwd) and executing commands via a crafted URL path.
This is a Python-based exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It constructs a malicious URL to access arbitrary files on the target system by leveraging improper URL normalization.
This repository contains multiple Metasploit modules and scripts targeting CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The PoC includes file upload and remote command execution capabilities.
This repository provides a detailed writeup and Docker-based playground for testing CVE-2021-41773, a vulnerability in Apache 2.4.49 that allows both Local File Disclosure (LFD) and Remote Code Execution (RCE) via path traversal and URL encoding.
This repository provides Docker containers to test CVE-2021-41773 (Apache 2.4.49/2.4.50 path traversal and RCE). It includes vulnerable Apache instances with and without CGI enabled, allowing users to exploit the vulnerability to retrieve flags or achieve remote code execution.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, by sending a crafted request to access sensitive files like /etc/passwd. The script checks if the response contains 'root' to confirm vulnerability.
This repository contains a Python-based exploit for CVE-2021-41773 and CVE-2021-42013, which are path traversal vulnerabilities in Apache HTTPD. The exploit demonstrates file mapping and remote code execution by leveraging Docker containers for vulnerable environments.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution (RCE) via CGI scripts. The PoC includes steps for exploitation, including command injection and reverse shell setup.
This PoC leverages Shodan to scan for Apache servers vulnerable to CVE-2021-41773 (path traversal and RCE). It attempts to read /etc/passwd and execute commands via a crafted payload.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes curl commands to exploit the vulnerability and retrieve sensitive files like /etc/passwd.
This repository provides a detailed technical analysis of CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server versions 2.4.49-2.4.50. It includes environment setup instructions, PoC demonstrations using curl, root cause analysis, and mitigation steps.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, allowing arbitrary command execution via a crafted URL. It supports both direct command execution and reverse shell functionality.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes Docker setup instructions and curl commands to exploit the flaw, demonstrating file disclosure outside the document root.
This PoC demonstrates CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49, by using a Docker container to exploit the flaw and leak the contents of /etc/passwd via a maliciously crafted URL.
This repository contains functional exploit code for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution (RCE) via mod_cgi. The repository also includes a full kill chain demonstration, combining CVE-2021-41773 with CVE-2017-5638 (Apache Struts2 S2-045) for lateral movement.
This repository contains a modular Python-based LFI exploitation tool targeting CVE-2021-41773, with multiple modes for artifact fuzzing, log poisoning, reverse shell execution, and session hijacking. The tool supports both Linux and Windows targets with extensive wordlists and payload options.
This repository provides a detailed writeup and demonstration of CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution when CGI is enabled. It includes exploit steps, references, and a reverse shell payload example.
This repository contains a Python script that exploits CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49 and 2.4.50. The script checks for both path traversal and RCE vulnerabilities by sending crafted HTTP requests to vulnerable endpoints.
This is a functional exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49. It leverages path traversal and command injection via CGI to achieve remote code execution.
This repository contains a working PoC for CVE-2021-41773, a path traversal and RCE vulnerability in Apache 2.4.49. The exploit uses a crafted curl command to execute arbitrary commands via a vulnerable CGI endpoint.
This PoC exploits CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49 and 2.4.50. It allows remote command execution via crafted requests to the CGI directory.
This repository contains a Python script that exploits CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server versions 2.4.49 and 2.4.50 with CGI enabled. The script reads a list of target IPs and attempts to execute a specified command on each vulnerable server.
This repository contains two Python scripts demonstrating CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The first script checks for vulnerability by reading /etc/passwd, while the second achieves RCE by executing commands via bin/sh.
This repository is a writeup or documentation for a honeypot related to CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It references an external blog post but contains no exploit code or technical details.
This repository contains a bash script to check for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script tests multiple hosts for the vulnerability by attempting to access '/etc/passwd' via a malformed URI path.
This repository contains a Python script that tests for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The script sends GET requests with encoded payloads to retrieve /etc/passwd and checks for the presence of 'root' in the response.
This repository contains a functional exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit uses a crafted URL to bypass path normalization and execute arbitrary commands via a shell.
This repository contains a functional Python exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit uses double-percent encoding to bypass path normalization and execute arbitrary commands via a crafted POST request to a CGI script.
This repository contains a functional Python exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit uses double-percent encoding to bypass path normalization and execute arbitrary commands via a crafted POST request to `/bin/sh`.
This repository provides vulnerable Docker images for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes configurations for both file read and remote code execution (RCE) scenarios, with clear instructions for exploitation.
This is a functional exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49. It leverages path traversal to achieve remote code execution by sending a reverse shell payload.
This is an NSE script for Nmap designed to detect the Apache HTTP Server Path Traversal vulnerability (CVE-2021-41773) by sending crafted HTTP requests and analyzing responses for file content leaks.
This repository contains a Python script that exploits CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.50. The script checks for the vulnerable Apache version and attempts to exploit it by either reading sensitive files or executing a reverse shell if CGI is enabled.
This repository provides a functional PoC for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. It includes a Dockerfile to set up a vulnerable environment and demonstrates exploitation via crafted curl commands.
This exploit leverages a path traversal vulnerability in Apache HTTP Server 2.4.49-2.4.50 to execute arbitrary commands via a crafted URL. It provides an interactive shell by sending POST requests to a traversed path leading to /bin/sh.
This repository contains two Python scripts demonstrating CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49. The first script reads arbitrary files, while the second executes commands via a crafted POST request to a traversed path.
This exploit leverages a path traversal vulnerability in Apache 2.4.49 to achieve remote command execution via a crafted CGI request. The PoC provides an interactive shell by sending commands through the vulnerable endpoint.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution (RCE) via CGI scripts. The PoC includes steps for setting up a vulnerable environment, exploiting the flaw to execute commands, and establishing a reverse shell.
This repository contains a Python-based PoC exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 and 2.4.50. The exploit demonstrates file reading and command execution via CGI scripts using URL-encoded path traversal sequences.
This PoC exploits a path traversal vulnerability in Apache HTTP Server versions 2.4.49 and 2.4.50 with mod_cgi disabled. It uses a crafted URI to bypass path normalization and access files outside the web root directory.
This repository provides a Zeek package for detecting path traversal and RCE attempts targeting CVE-2021-41773 in Apache HTTP Server 2.4.49 and 2.4.50. It includes detection logic and example notices for triage.
This repository contains a functional proof-of-concept exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49/2.4.50. The exploit leverages path traversal and command injection to achieve remote code execution (RCE) or read arbitrary files.
This repository provides a lab setup for testing CVE-2021-41773 and CVE-2021-42013, which are vulnerabilities in Apache HTTP Server. It includes Docker configurations to create a vulnerable environment for testing path traversal and potential RCE.
This repository contains the Apache HTTP Server 2.4.49 source code and documentation, including references to CVE-2021-41773 and CVE-2021-42013. No exploit code is present in the provided files.
This repository contains a scanner for CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49. It checks for the presence of the vulnerability by attempting to read sensitive files like /etc/passwd.
This Ruby script exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 and 2.4.50, allowing arbitrary file read and potential RCE via crafted requests to cgi-bin endpoints.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, by sending crafted requests to access sensitive files like /etc/passwd. It uses curl to test for vulnerability and checks for the presence of root user entries in the response.
This repository provides a Docker-based lab environment to exploit CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes PoC commands for both Local File Inclusion (LFI) and Remote Code Execution (RCE).
This repository contains a bash script that exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script uses a crafted URL to access files outside the intended directory, demonstrating an information leak.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit leverages improper URL normalization to access files outside the intended directory, such as /etc/hosts.
This repository contains a functional Python script that exploits CVE-2021-41773, a path traversal vulnerability in Apache httpd 2.4.49. The script sends a crafted POST request to execute arbitrary commands via a traversal path, confirming RCE if successful.
This repository contains a functional exploit for CVE-2021-41773, demonstrating path traversal and remote code execution in Apache 2.4.49 via a misconfigured `<Directory />` directive. The exploit uses a Dockerized vulnerable environment and a shell script to automate the attack chain.
This repository contains a detailed technical analysis and project plan for reproducing CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It explains the root cause (flawed ap_normalize_path() function) and outlines steps to exploit it using percent-encoded dot-dot-slash sequences.
This repository contains a functional exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit script demonstrates the vulnerability by reading /etc/passwd and executing arbitrary commands via mod_cgi.
This repository provides vulnerable Docker images for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes functional PoC commands for both file read and remote code execution (RCE) scenarios, depending on the server configuration.
This repository contains a functional exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit leverages a malformed URI to bypass path normalization and execute arbitrary commands via a shell script.
The repository contains a functional Python PoC exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit includes both file read and remote command execution capabilities, along with a Docker lab setup for testing.
This repository contains a functional exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution (RCE). The exploit uses raw sockets to preserve URL-encoded path sequences, bypassing access controls and executing arbitrary commands via CGI.
The repository contains a functional Python exploit for CVE-2021-41773, demonstrating path traversal and remote code execution in Apache HTTP Server 2.4.49. The exploit sends crafted HTTP requests to execute arbitrary commands via a vulnerable CGI endpoint.
This repository contains a functional proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes an exploit script that crafts malicious HTTP requests to access sensitive files outside the web root, along with vulnerable and patched server simulations for educational purposes.
This repository contains a functional exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes a Docker-based lab setup and a Python script to automate the exploitation of the flaw.
This repository contains a functional exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The exploit uses a crafted URL to traverse directories and execute a reverse shell via a bash command.
This repository provides a functional Docker-based proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit demonstrates unauthorized access to system files (e.g., /etc/passwd) via crafted HTTP requests.
The repository contains only a Dockerfile and a minimal README with no actual exploit code or technical details about CVE-2021-41773. It lacks any functional PoC or analysis.
This repository contains a functional Python exploit for CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49/2.4.50. The exploit leverages malformed CGI paths to achieve remote code execution (RCE) on vulnerable systems.
This repository contains a functional Python exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49/2.4.50. The exploit leverages malformed CGI paths to execute arbitrary commands via a pseudo-interactive shell.
This repository contains a functional PoC exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit leverages improper URL path normalization to traverse directories and execute commands via mod_cgi.
This repository contains a functional PoC for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script tests multiple payloads to read arbitrary files (e.g., /etc/passwd) and includes a mock vulnerable server for testing.
This repository contains a Python-based CLI tool that checks for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It verifies the server version and attempts to confirm the vulnerability by probing for `/etc/passwd` disclosure.
This repository contains a technical analysis and reproduction lab for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. It does not include exploit code but provides documentation for understanding the vulnerability.
This PoC demonstrates CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49, by exploiting a flaw in URL normalization to access the /etc/passwd file. The script uses Docker to set up a vulnerable environment and curls a maliciously crafted URL to trigger the vulnerability.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes a Docker setup to replicate the vulnerable environment and demonstrates the exploit via a crafted HTTP request to access sensitive files like /etc/passwd.
This repository contains a working PoC for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit script uses a crafted curl command to traverse directories and execute commands on vulnerable servers.
This repository contains a Python-based scanner for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. It checks for the presence of /etc/passwd via CGI-BIN paths using various encoded payloads.
This is a functional Python exploit for CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49. It crafts a malicious request to execute arbitrary commands via a traversal sequence in the CGI directory.
This repository provides a detailed technical analysis of CVE-2021-41773, including CVSS breakdown, impact assessment, and mitigation steps. It does not contain exploit code but offers in-depth documentation of the vulnerability.
This is a detailed writeup explaining CVE-2021-41773 and CVE-2021-42013, which are path traversal vulnerabilities in Apache HTTP Server versions 2.4.49 and 2.4.50. It includes background information, theoretical explanations, and setup instructions for a vulnerable Docker environment.
This is a functional exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache 2.4.49. It leverages a malformed URI path to execute arbitrary commands via a reverse shell.
This repository contains a functional exploit for CVE-2021-41773 and CVE-2021-42013, targeting Apache HTTP Server 2.4.49 and 2.4.50. It includes both RCE and LFI capabilities via path traversal vulnerabilities.
This is a Python-based exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It leverages URL-encoded path traversal sequences to bypass Apache's path validation and read arbitrary files from the server.
This repository provides Nuclei templates to scan for vulnerable Apache versions (2.4.49-2.4.50) and path traversal vulnerabilities (CVE-2021-41773 and CVE-2021-42013). It includes detection and exploitation templates for automated scanning.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, allowing remote code execution via crafted curl commands when mod_cgi is enabled. The script provides an interactive shell to execute arbitrary commands on the target system.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes a Docker-based environment setup and a curl command to exploit the vulnerability by accessing sensitive files like /etc/passwd.
This repository contains a working PoC for CVE-2021-41773, demonstrating path traversal and remote code execution (RCE) via a reverse shell on Apache 2.4.49. The exploit leverages a path traversal vulnerability in the CGI module to read sensitive files and execute arbitrary commands.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes Docker setup for testing and curl commands to exploit the vulnerability, demonstrating file disclosure via path traversal.
This repository provides a detailed writeup and lab setup instructions for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 and 2.4.50. It explains the root cause, exploitation method, and includes steps to replicate the vulnerability in a controlled environment.
This is a corrected and functional exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The script uses a path traversal technique via malformed URL encoding to access arbitrary files or execute commands on vulnerable systems.
This repository contains a writeup documenting the reconnaissance and exploitation process for Apache HTTP Server vulnerabilities CVE-2021-41773 and CVE-2021-42013, focusing on Path Traversal and RCE. It details the methodology used, including tools like Nmap and Metasploit, but concludes that the vulnerabilities were not exploitable in the tested environment.
This Go-based PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49/2.4.50, to achieve LFI and RCE. It includes functionality for SSH key brute-forcing and remote command execution via crafted HTTP requests.
This exploit leverages a path traversal vulnerability in Apache HTTP Server 2.4.49 to achieve remote code execution (RCE) by accessing the `/bin/sh` binary through malformed URL paths. It provides an interactive shell for executing commands on the target system.
This repository contains two Python scripts demonstrating CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. One script exploits the vulnerability to read arbitrary files (e.g., /etc/passwd), while the other achieves RCE by accessing /bin/sh via the traversal.
This repository contains a README file describing an analysis of CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution. No exploit code is present.
This repository provides a working PoC for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It includes commands to exploit both RCE and LFI via malformed URI paths.
This script checks if an Apache server is vulnerable to CVE-2021-41773 by attempting to read arbitrary files via a path traversal exploit. It sends a crafted HTTP request to the target server and checks the response for success or failure.
This repository contains Python-based exploit scripts for CVE-2021-41773 and CVE-2021-42013, targeting path traversal and remote command execution vulnerabilities in Apache HTTP Server versions 2.4.49 and 2.4.50, respectively. The scripts leverage URL-encoded path traversal techniques to access restricted files or execute arbitrary commands via the `/cgi-bin/` endpoint.
This repository demonstrates CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit script uses a crafted URL to access sensitive files (e.g., /etc/passwd) by bypassing path normalization.
This repository provides a vulnerable Dockerized Apache 2.4.49 service and a PoC exploit for CVE-2021-41773, a path traversal vulnerability. The exploit demonstrates unauthorized file access via a crafted URL.
This repository contains a Python script that tests for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The script sends HTTP requests to a list of URLs with a crafted payload to check for the presence of the vulnerability by attempting to read the /etc/passwd file.
This repository provides a working proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that can lead to remote code execution (RCE) via CGI scripts. The PoC includes steps to exploit the vulnerability, achieve command execution, and establish a reverse shell.
This repository contains a functional exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49/2.4.50 with CGI enabled. The exploit leverages path traversal and command injection to achieve remote code execution (RCE) via crafted payloads.
This repository contains a functional exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49/2.4.50 with CGI enabled. The exploit leverages path traversal to achieve remote code execution via crafted URLs.
This repository provides mitigation scripts for CVE-2021-41773, a path traversal and file disclosure vulnerability in Apache HTTP Server. It includes two scripts: one for updating the system and Apache, and another for modifying the Apache configuration to restrict access.
This exploit leverages a path traversal vulnerability in Apache HTTP Server 2.4.49 to access files outside the configured directories, potentially leading to remote code execution if CGI scripts are enabled. The script checks for the presence of `/bin/bash` in `/etc/passwd` to confirm vulnerability.
This repository contains a Python script that exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script can check for vulnerable servers and attempt to read sensitive files like /etc/passwd.
This repository contains a proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. The exploit demonstrates directory traversal via crafted URIs to access files outside the intended document root.
This repository contains a Shodan-based scanner for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49 and 2.4.50. It uses multithreading to scan for vulnerable hosts and includes a basic exploit function to test for RCE.
This repository contains a Python exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit checks for vulnerability and allows remote command execution via a crafted payload targeting the CGI module.
This repository provides a working PoC for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49 that allows remote command execution (RCE) via a maliciously crafted request. The exploit leverages a misconfiguration in httpd.conf to traverse directories and execute commands.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, allowing unauthorized access to files and potential RCE via CGI script execution. The exploit sends crafted requests to retrieve /etc/passwd or execute commands via /bin/sh.
This repository contains two Python scripts demonstrating CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The first script checks for vulnerability by reading /etc/passwd, while the second achieves RCE by executing commands via /bin/sh.
This repository provides a Docker-based lab environment to demonstrate CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server. It includes PoC commands for file disclosure and mentions RCE potential when CGI is enabled.
This repository contains a functional proof-of-concept exploit for CVE-2021-41773, a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49/2.4.50. The script provides options for either executing a reverse shell or reading arbitrary files via path traversal.
This is a functional exploit for CVE-2021-41773, targeting Apache HTTP Server 2.4.49/2.4.50 with CGI enabled. It leverages path traversal and command injection to achieve remote code execution via crafted payloads.
The repository contains only a README.md file with minimal information about setting up a vulnerable environment for CVE-2021-41773, but no actual exploit code or technical details.
This repository contains a Go-based scanner for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. It checks a list of hosts for vulnerability by sending a crafted HTTP request to access '/etc/passwd' and logs vulnerable hosts to a file.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache 2.4.49 with CGI enabled, allowing arbitrary file reads via crafted requests. The script uses curl to send a malicious request that bypasses path normalization to execute a bash command and read a specified file.
This repository contains a working exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. The exploit script uses a crafted curl command to traverse directories and execute arbitrary commands on the target system.
The repository contains only a README.md file with a CVE identifier and no exploit code or technical details. It appears to be a placeholder or incomplete submission.
This repository provides documentation and Docker setup instructions for testing CVE-2021-41773, a path traversal and RCE vulnerability in Apache HTTP Server 2.4.49. It includes configuration requirements and references but lacks actual exploit code.
This is a working exploit for CVE-2021-42013 (incorrectly referenced as CVE-2021-41773 in the repo name), targeting Apache HTTP Server 2.4.49/2.4.50. It leverages path traversal to achieve remote command execution via a crafted CGI request.
This repository contains a Python script that scans for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script checks if the target server is vulnerable by attempting to access /etc/passwd via a crafted URL.
This repository contains a Sigma rule for detecting exploitation attempts of CVE-2021-41773 and CVE-2021-42013, which are path traversal vulnerabilities in Apache HTTP Server 2.4.49 and 2.4.50. The rule identifies specific URI patterns used in exploitation attempts and checks for successful HTTP responses.
This repository contains a Python script that scans for Apache HTTP Server 2.4.49 instances vulnerable to CVE-2021-41773 (path traversal) using the Shodan API. It attempts to exploit the vulnerability by fetching /etc/passwd from vulnerable servers.
This repository provides a Docker-based proof-of-concept for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit demonstrates unauthorized access to sensitive files (e.g., /etc/passwd) via crafted URLs.
This PoC exploits CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49, by sending a crafted request to access sensitive files like /etc/passwd. It supports single IP or bulk IP list checks.
This is a working exploit for CVE-2021-41773, a path traversal and RCE vulnerability in Apache 2.4.49. The script allows arbitrary file reads and command execution via crafted requests to the CGI directory.
This repository provides an NSE (Nmap Scripting Engine) script to scan for the presence of CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The script checks if a target server is vulnerable by leveraging Nmap's scripting capabilities.
This repository contains a functional exploit for CVE-2021-42013, targeting Apache HTTP Server 2.4.50 with CGI enabled. The exploit uses curl to bypass URL encoding issues and provides features like interactive shell, reverse shell generation, and system reconnaissance.
The repository contains a functional Python exploit for CVE-2021-41773, leveraging a path traversal vulnerability in Apache HTTP Server 2.4.49 to achieve remote code execution via crafted curl requests to a CGI script. The exploit allows arbitrary command execution on vulnerable servers with mod_cgi enabled.
The repository contains a functional JWT-based authentication bypass exploit for CVE-2021-41773, targeting Apache HTTP Server path traversal. It includes tools for generating, testing, and brute-forcing JWT tokens, as well as modifying them to exploit vulnerabilities.
The repository contains a functional Python exploit for CVE-2021-42013, targeting Apache 2.4.50. The exploit sends a crafted HTTP POST request to a vulnerable path, leveraging path traversal to execute arbitrary commands via a shell.
This repository contains a functional Python exploit for CVE-2021-41773, which targets a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49. The exploit leverages a crafted URL to access the system shell via the CGI-bin directory.
This repository contains a functional Python exploit for CVE-2021-41773, which targets a path traversal and remote code execution vulnerability in Apache HTTP Server 2.4.49. The exploit leverages a crafted URL to access the system shell and execute arbitrary commands.
This repository contains functional exploit code for CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49. The scripts demonstrate file disclosure and remote command execution via crafted HTTP requests.
This repository contains a functional Python exploit for CVE-2021-41773, a path traversal vulnerability in Apache HTTP Server 2.4.49. The exploit automates the process of testing multiple payloads to read arbitrary files (e.g., /etc/passwd) and includes an interactive menu for further actions like attempting RCE.
This Python script exploits CVE-2021-41773, a path traversal and command injection vulnerability in Apache HTTP Server 2.4.49/2.4.50 with CGI enabled. It sends crafted POST requests to execute arbitrary commands via a malicious payload targeting the vulnerable CGI endpoint.
Nuclei Templates (1)
Apache 2.4.49 || cpe:"cpe:2.3:a:apache:http_server" || apache 2.4.49
References (30)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H