CVE-2021-41773

Vulnerability updated 10 months ago (2024-11-29T14:00:50.421Z)

Download STIX

Preview STIX

CVE-2021-41773 is a significant software vulnerability identified in Apache HTTP Server 2.4.49, which pertains to an issue of path traversal. This flaw in the software's design or implementation allows an attacker to access sensitive information or execute arbitrary code on the server by exploiting the path traversal vulnerability. The vulnerability was identified and registered within the National Vulnerability Database (NVD), where it can be found under its designated CVE number for further details. This vulnerability was exploited through attempts at path traversal, as indicated by the ET EXPLOIT Apache HTTP Server 2.4.49 – Path Traversal Attempt (CVE-2021-41773) M1 alert. Path traversal attacks involve manipulating variables that reference file locations within a program. In this case, attackers could potentially gain unauthorized access to files and directories that are stored outside the web root folder. In response to the detection of this vulnerability, updates and patches were issued to mitigate the risk associated with the flaw. It is crucial for organizations using Apache HTTP Server 2.4.49 to apply these updates promptly to protect their systems from potential breaches. Additionally, it's worth noting that this vulnerability is related to another identified flaw, CVE-2021-42013, which also affects the Apache HTTP Server and should be addressed simultaneously.

Description last updated: 2024-05-04T21:49:03.606Z

What's your take? (Question 1 of 4)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Apache

Exploit

Traversal

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Androxgh0st Threat Actor is associated with CVE-2021-41773. Androxgh0st, a notable threat actor in the cybersecurity landscape, has been actively targeting systems since January 2024. According to CloudSEK's Threat Research team, Androxgh0st has begun exploiting vulnerabilities in web servers, specifically targeting high-profile technologies like Cisco ASA,	Unspecified	3

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The vulnerability CVE-2021-42013 is associated with CVE-2021-41773.	Unspecified	2

Source Document References

Information about the CVE-2021-41773 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Trend Micro	a day ago	RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
SANS ISC	10 months ago	Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary] - SANS Internet Storm Center
InfoSecurity-magazine	a year ago	Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach
CERT-EU	2 years ago	FBI Warns Of Androxgh0st Malware
CISA	a year ago	North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs \| CISA
SANS ISC	a year ago	Who You Gonna Call? AndroxGh0st Busters! [Guest Diary] - SANS Internet Storm Center
CERT-EU	2 years ago	Cyber Security Week in Review: January 19, 2024
CERT-EU	2 years ago	CISA and FBI Reveal Known Androxgh0st Malware IoCs and TTPs
CERT-EU	2 years ago	FBI: Androxgh0st Malware Building Mega-Botnet for Credential Theft
DARKReading	2 years ago	CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack
CERT-EU	2 years ago	Hackers Building AndroxGh0st Botnet to Target AWS, O365, Feds Warn
InfoSecurity-magazine	2 years ago	US Government Urges Action to Mitigate Androxgh0st Malware Threat
CERT-EU	2 years ago	Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
CISA	2 years ago	CISA and FBI Release Known IOCs Associated with Androxgh0st Malware \| CISA
Securityaffairs	2 years ago	FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation
CERT-EU	2 years ago	FBI: Beware of cloud-credential thieves building botnets
CERT-EU	2 years ago	CISA and FBI Release Known IOCs Associated with Androxgh0st Malware
CERT-EU	2 years ago	FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials
CISA	2 years ago	Known Indicators of Compromise Associated with Androxgh0st Malware \| CISA
CISA	2 years ago	2022 Top Routinely Exploited Vulnerabilities \| CISA