CVE-2021-41773

Vulnerability updated 4 months ago (2024-05-04T22:17:36.878Z)

Download STIX

Preview STIX

CVE-2021-41773 is a significant software vulnerability identified in Apache HTTP Server 2.4.49, which pertains to an issue of path traversal. This flaw in the software's design or implementation allows an attacker to access sensitive information or execute arbitrary code on the server by exploiting the path traversal vulnerability. The vulnerability was identified and registered within the National Vulnerability Database (NVD), where it can be found under its designated CVE number for further details. This vulnerability was exploited through attempts at path traversal, as indicated by the ET EXPLOIT Apache HTTP Server 2.4.49 – Path Traversal Attempt (CVE-2021-41773) M1 alert. Path traversal attacks involve manipulating variables that reference file locations within a program. In this case, attackers could potentially gain unauthorized access to files and directories that are stored outside the web root folder. In response to the detection of this vulnerability, updates and patches were issued to mitigate the risk associated with the flaw. It is crucial for organizations using Apache HTTP Server 2.4.49 to apply these updates promptly to protect their systems from potential breaches. Additionally, it's worth noting that this vulnerability is related to another identified flaw, CVE-2021-42013, which also affects the Apache HTTP Server and should be addressed simultaneously.

Description last updated: 2024-05-04T21:49:03.606Z

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Exploit

Traversal

Apache

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

ID	Type	Votes	Profile Description
Androxgh0st	Unspecified	3	Androxgh0st is a significant threat actor in the cybersecurity landscape, known for offering malware-as-a-service. This entity is responsible for the creation and distribution of a Python-scripted malware that primarily targets .env files containing confidential information from high-profile applica

Source Document References

Information about the CVE-2021-41773 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	8 months ago	FBI Warns Of Androxgh0st Malware
CISA	a month ago	North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs \| CISA
SANS ISC	2 months ago	Who You Gonna Call? AndroxGh0st Busters! [Guest Diary] - SANS Internet Storm Center
CERT-EU	8 months ago	Cyber Security Week in Review: January 19, 2024
CERT-EU	8 months ago	CISA and FBI Reveal Known Androxgh0st Malware IoCs and TTPs
CERT-EU	8 months ago	FBI: Androxgh0st Malware Building Mega-Botnet for Credential Theft
DARKReading	8 months ago	CISA: AWS, Microsoft 365 Accounts Under Active 'Androxgh0st' Attack
CERT-EU	8 months ago	Hackers Building AndroxGh0st Botnet to Target AWS, O365, Feds Warn
InfoSecurity-magazine	8 months ago	US Government Urges Action to Mitigate Androxgh0st Malware Threat
CERT-EU	8 months ago	Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
CISA	8 months ago	CISA and FBI Release Known IOCs Associated with Androxgh0st Malware \| CISA
Securityaffairs	8 months ago	FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation
CERT-EU	8 months ago	FBI: Beware of cloud-credential thieves building botnets
CERT-EU	8 months ago	CISA and FBI Release Known IOCs Associated with Androxgh0st Malware
CERT-EU	8 months ago	FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials
CISA	8 months ago	Known Indicators of Compromise Associated with Androxgh0st Malware \| CISA
CISA	a year ago	2022 Top Routinely Exploited Vulnerabilities \| CISA
SANS ISC	a year ago	InfoSec Handlers Diary Blog - SANS Internet Storm Center
CERT-EU	a year ago	IDS Comparisons with DShield Honeypot Data, (Thu, Jul 6th) – Cyber Safe NV
CSO Online	a year ago	Fileless attacks surge as cybercriminals evade cloud security defenses