KLA12371
Multiple vulnerabilities in Apache HTTP Server

Updated: 16/05/2023
Detection date
04/10/2021
Threat level
Critical
Description

Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, or obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A NULL pointer dereference vulnerability in h2 fuzzing can be exploited remotely via a specially crafted request to cause denial of service.
  2. A remote code execution vulnerability in httpd can be exploited remotely to obtain sensitive information and execute arbitrary code.
Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Affected products

Apache HTTP Server earlier than 2.4.50

Solution

Update to the latest version
Download Apache HTTP Server

Primary detection source
Fixed in Apache HTTP Server 2.4.50
Impacts
ACE
OSI
DoS
Related products
Apache HTTP Server
CVE-IDS
CVE-2021-41524  5.0  Critical
CVE-2021-41773  4.3  Warning