CVE-2021-41773

Vulnerability updated a month ago (2024-11-29T14:00:50.421Z)
Download STIX
Preview STIX
CVE-2021-41773 is a significant software vulnerability identified in Apache HTTP Server 2.4.49, which pertains to an issue of path traversal. This flaw in the software's design or implementation allows an attacker to access sensitive information or execute arbitrary code on the server by exploiting the path traversal vulnerability. The vulnerability was identified and registered within the National Vulnerability Database (NVD), where it can be found under its designated CVE number for further details. This vulnerability was exploited through attempts at path traversal, as indicated by the ET EXPLOIT Apache HTTP Server 2.4.49 – Path Traversal Attempt (CVE-2021-41773) M1 alert. Path traversal attacks involve manipulating variables that reference file locations within a program. In this case, attackers could potentially gain unauthorized access to files and directories that are stored outside the web root folder. In response to the detection of this vulnerability, updates and patches were issued to mitigate the risk associated with the flaw. It is crucial for organizations using Apache HTTP Server 2.4.49 to apply these updates promptly to protect their systems from potential breaches. Additionally, it's worth noting that this vulnerability is related to another identified flaw, CVE-2021-42013, which also affects the Apache HTTP Server and should be addressed simultaneously.
Description last updated: 2024-05-04T21:49:03.606Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Exploit
Traversal
Apache
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Androxgh0st Threat Actor is associated with CVE-2021-41773. Androxgh0st, a notable threat actor in the cybersecurity landscape, has been actively targeting systems since January 2024. According to CloudSEK's Threat Research team, Androxgh0st has begun exploiting vulnerabilities in web servers, specifically targeting high-profile technologies like Cisco ASA, Unspecified
3
Source Document References
Information about the CVE-2021-41773 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
SANS ISC
7 days ago
InfoSecurity-magazine
2 months ago
CERT-EU
a year ago
CISA
5 months ago
SANS ISC
5 months ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
DARKReading
a year ago
CERT-EU
a year ago
InfoSecurity-magazine
a year ago
CERT-EU
a year ago
CISA
a year ago
Securityaffairs
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CERT-EU
a year ago
CISA
a year ago
CISA
a year ago
SANS ISC
a year ago