Tag: CVE-2021-41773

Apache HTTP Server Path Normalization and Remote Code Execution (RCE) Vulnerability (CVE-2021-42013)

Posted by Author Diksha Ojha on Posted on

The Apache Software Foundation has published additional security updates for its HTTP Server to remediate an incomplete fix for a path traversal and Remote Code Execution (RCE) vulnerability patched in the first week of October 2021 (CVE-2021-41773).      CVE-2021-42013 is based upon a path normalization bug, which allowed an unauthenticated remote user to view files on the Apache Web … Continue reading “Apache HTTP Server Path Normalization and Remote Code Execution (RCE) Vulnerability (CVE-2021-42013)”

Apache fixes the HTTP Path Traversal Vulnerability (CVE-2021-41773)

Posted by Author Diksha Ojha on Posted on

Apache Software Foundation has published HTTP Web Server version 2.4.50 to fix the CVE-2021-41773 vulnerability in Apache Server version 2.4.49. This is a path traversal and file disclosure flaw that could allow attackers to gain access to sensitive data, and according to the report, is being actively exploited. The Apache HTTP Server is a cross-platform, … Continue reading “Apache fixes the HTTP Path Traversal Vulnerability (CVE-2021-41773)”