CVE-2021-41773 — Actively Exploited: HTTP Server (Apache)
Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, plea
| CVE ID | CVE-2021-41773 |
|---|---|
| Vendor | Apache |
| Product | HTTP Server |
| Vulnerability name | Apache HTTP Server Path Traversal Vulnerability |
| Date added | 2021-11-03 |
| Remediation due | 2021-11-17 |
| Known ransomware use | Known |
| Required action | Apply updates per vendor instructions. |
| Description | Apache HTTP Server contains a path traversal vulnerability that allows an attacker to perform remote code execution if files outside directories configured by Alias-like directives are not under default �require all denied� or if CGI scripts are enabled. The original patch issued under this CVE ID is insufficient, please review remediation information under CVE-2021-42013. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →