FortiClient Vulnerability

Apache HTTP Server CVE-2021-41773 Path Traversal Vulnerability

Description

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. Also, an attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives.

Outbreak Alert

Apache webservers running an older and vulnerable version of Apache 2.4.49 and 2.4.50 are still deployed on various could platforms. According to Shodan, 6000+ webservers could still be vulnerable to a path traversal attack and can eventually lead to remote code execution.

View the full Outbreak Alert Report

Affected Applications

Apache HTTP Server

CVE References

CVE-2021-41773

Other References

https://httpd.apache.org/security/vulnerabilities_24.html

ID	2711
Created	Oct 08, 2021
Description Updated	Oct 16, 2023
Outbreak Alert	Apache Path Traversal
Risk
Coverage	FortiClient
OS	Windows
Vendor	Apache
Patch	manual
Application	Apache HTTP Server

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Apache HTTP Server CVE-2021-41773 Path Traversal Vulnerability

Description

Outbreak Alert

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Apache HTTP Server CVE-2021-41773 Path Traversal Vulnerability

Description

Outbreak Alert

Affected Applications

CVE References

Other References

Threat Intelligence
Center