Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution (RCE)

Exploit: Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution RCE Date: 10/05/2021 Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.50 Tested on: 2.4.50 CVE : CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if...

Apache HTTP Server 2.4.49 - Path Traversal Vulnerability

Exploit Title: Apache HTTP Server 2.4.49 - Path Traversal Exploit Author: Lucas Souza https://lsass.io Vendor Homepage: https://apache.org/ Version: 2.4.49 Tested on: 2.4.49 CVE : CVE-2021-41773 Credits: Ash Daulton and the cPanel Security Team !/bin/bash if $1 =3D=3D '' ; $2 =3D=3D '' ; then ech...

Apache Web Server Zero-Day Actively Exploited, Exposes Sensitive Data

Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a securit...