CVE-2021-42013

Published on: 10/07/2021 12:00:00 AM UTC

Last Modified on: 08/15/2022 11:15:00 AM UTC

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Http Server from Apache contain the following vulnerability:

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.

  • CVE-2021-42013 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as CRITICAL severity.
  • Affected Vendor/Software: URL Logo Apache Software Foundation - Apache HTTP Server version = 2.4.49
  • Affected Vendor/Software: URL Logo Apache Software Foundation - Apache HTTP Server version = 2.4.50

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 7.5 - HIGH

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
[SECURITY] Fedora 34 Update: httpd-2.4.51-1.fc34 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2021-2a10bc68a4
Apache HTTPD: Multiple Vulnerabilities (GLSA 202208-20) — Gentoo security security.gentoo.org
text/html
URL Logo GENTOO GLSA-202208-20
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache 2.4.50 Remote Code Execution ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/167397/Apache-2.4.50-Remote-Code-Execution.html
Apache HTTP Server 2.4.50 Remote Code Execution ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164609/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
JVN#51106450: Apache HTTP Server vulnerable to directory traversal jvn.jp
text/xml
URL Logo JVN JVN#51106450
oss-security - CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211007 CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache HTTP Server Vulnerabilties: October 2021 tools.cisco.com
text/html
URL Logo CISCO 20211007 Apache HTTP Server Vulnerabilties: October 2021
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Oracle Critical Patch Update Advisory - April 2022 www.oracle.com
text/html
URL Logo MISC www.oracle.com/security-alerts/cpuapr2022.html
October 2021 Apache HTTP Server Vulnerabilities in NetApp Products | NetApp Product Security security.netapp.com
text/html
URL Logo CONFIRM security.netapp.com/advisory/ntap-20211029-0009/
Pony Mail! lists.apache.org
text/html
URL Logo MLIST [announce] 20211007 CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211011 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache HTTP Server 2.4.50 CVE-2021-42013 Exploitation ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/165089/Apache-HTTP-Server-2.4.50-CVE-2021-42013-Exploitation.html
[SECURITY] Fedora 35 Update: httpd-2.4.51-2.fc35 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2021-aaf90ef84a
Oracle Critical Patch Update Advisory - January 2022 www.oracle.com
text/html
URL Logo MISC www.oracle.com/security-alerts/cpujan2022.html
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211009 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project httpd.apache.org
text/html
URL Logo MISC httpd.apache.org/security/vulnerabilities_24.html
Pony Mail! lists.apache.org
text/html
URL Logo MLIST [httpd-cvs] 20211008 [httpd-site] branch main updated: * Align with CVE-2021-42013 based on the latest findings
Apache HTTP Server 2.4.50 Remote Code Execution ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164941/Apache-HTTP-Server-2.4.50-Remote-Code-Execution.html
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211015 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache 2.4.49 / 2.4.50 Traversal / Remote Code Execution ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164629/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution.html
Using a CVE-2021-42013 Apache 2.4.50 exploit in the wild​ www.povilaika.com
text/html
URL Logo MISC www.povilaika.com/apache-2-4-50-exploit/
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Pony Mail! lists.apache.org
text/html
URL Logo MLIST [httpd-users] 20211007 [[email protected]] CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211016 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
oss-security - Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) www.openwall.com
text/html
URL Logo MLIST [oss-security] 20211008 Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
Apache HTTP Server 2.4.50 Path Traversal / Code Execution ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164501/Apache-HTTP-Server-2.4.50-Path-Traversal-Code-Execution.html

Related QID Numbers

  • 150374 Apache HTTP Server Multiple Vulnerabilities (CVE-2021-42013)
  • 281975 Fedora Security Update for httpd (FEDORA-2021-2a10bc68a4)
  • 352857 Amazon Linux Security Advisory for httpd24: ALAS-2021-1543
  • 352858 Amazon Linux Security Advisory for httpd: ALAS2-2021-1716
  • 500024 Alpine Linux Security Update for apache2
  • 690209 Free Berkeley Software Distribution (FreeBSD) Security Update for apache httpd (d001c189-2793-11ec-8fb1-206a8a720317)
  • 710595 Gentoo Linux Apache HTTPD Multiple Vulnerabilities (GLSA 202208-20)
  • 87466 Apache Hypertext Transfer Protocol (HTTP) Server Path Traversal Vulnerability

Exploit/POC from Github

cve-2021-41773 即 cve-2021-42013 批量检测脚本

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationApacheHttp Server2.4.49AllAllAll
ApplicationApacheHttp Server2.4.50AllAllAll
Operating
System
FedoraprojectFedora34AllAllAll
Operating
System
FedoraprojectFedora35AllAllAll
ApplicationNetappCloud Backup-AllAllAll
ApplicationOracleInstantis Enterprisetrack17.1AllAllAll
ApplicationOracleInstantis Enterprisetrack17.2AllAllAll
ApplicationOracleInstantis Enterprisetrack17.3AllAllAll
ApplicationOracleSecure BackupAllAllAllAll
  • cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:*:
  • cpe:2.3:a:apache:http_server:2.4.50:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*:

Discovery Credit

Reported by Juan Escobar from Dreamlab Technologies, Fernando Muñoz from NULL Life CTF Team, and Shungo Kumasaka

Social Mentions

Source Title Posted (UTC)
Twitter Icon @iamamoose Apache 2.4.49 and 2.4.50 critical file disclosure/RCE for certain configurations: CVE-2021-42013 lists.apache.org/thread.html/rb… 2021-10-07 15:26:21
Twitter Icon @iamamoose cve.org/CVERecord?id=C… is now published along with Apache HTTP Server 2.4.51 2021-10-07 15:52:51
Twitter Icon @CVEreport CVE-2021-42013 : It was found that the fix for CVE-2021-41773 in #Apache HTTP Server 2.4.50 was insufficient. An at… twitter.com/i/web/status/1… 2021-10-07 15:53:37
Twitter Icon @eingemaischt @hanno @certbund Es gibt schon CVE-2021-42013 - weil der Fix für 41773 wohl incomplete war. 2021-10-07 15:58:12
Twitter Icon @oss_security CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of… twitter.com/i/web/status/1… 2021-10-07 16:00:38
Twitter Icon @USCERT_gov See Apache's new update, which addresses both CVE-2021-41773 and CVE-2021-42013 (the latter is new):… twitter.com/i/web/status/1… 2021-10-07 17:16:50
Twitter Icon @notroj Important that those running @apache_httpd 2.4.49 or 2.4.50 updates to 2.4.51 to address CVE-2021-42013. Earlier v… twitter.com/i/web/status/1… 2021-10-07 17:18:16
Twitter Icon @ClaireTills Another patch out for CVE-2021-41773 (bypass assigned CVE-2021-42013), be sure you've updated to Apache httpd Serve… twitter.com/i/web/status/1… 2021-10-07 17:30:57
Twitter Icon @InakMali #Apache Software Foundation addresses CVE-2021-41773 and CVE-2021-42013 in patch in response to zero-day #vulnerability. 2021-10-07 17:43:21
Twitter Icon @mkviitanen CVE-2021-42013 - incomplete fix of CVE-2021-41773. https://t.co/rQxttqD1WL 2021-10-07 18:21:37
Twitter Icon @ipssignatures I know no IPS that has a protection/signature/rule for the vulnerability CVE-2021-42013. The vuln was published 0 d… twitter.com/i/web/status/1… 2021-10-07 20:04:01
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 15 times. twitter.com/USCERT_gov/sta… #Skj74x75ogm3fa 2021-10-07 20:04:01
Twitter Icon @USCERT_gov ? Active scanning of Apache HTTP Server CVE-2021-41773 & CVE-2021-42013 is ongoing and expected to accelerate, like… twitter.com/i/web/status/1… 2021-10-07 20:19:18
Twitter Icon @omokazuki 修正が不十分の為2.4.51がリリース Apache HTTP Serverの脆弱性情報(Critical: CVE-2021-42013, Important: CVE-2021-41773, Moderate: CVE-20… twitter.com/i/web/status/1… 2021-10-07 21:06:09
Twitter Icon @pdnuclei CVE-2021-42013 - Apache 2.4.49/2.4.50 - Path Traversal by nvn1729 "It was found that the fix for CVE-2021-41773 in… twitter.com/i/web/status/1… 2021-10-07 22:29:43
Twitter Icon @bef0rd @roman_soft @itsecurityco @ortegaalfredo Check github.com/projectdiscove… 2021-10-07 22:31:06
Twitter Icon @snyff Want a good training exercise? Exploit #CVE-2021-42013! 1. Build a container with 2.4.49 FROM httpd:2.4.49 COPY .… twitter.com/i/web/status/1… 2021-10-07 22:39:46
Twitter Icon @kawada_syogo225 CVE-2021-41773の追加修正 2021-10-07 22:52:40
Twitter Icon @vulnhero Apache HTTP Server vulnerability (CVE-2021-42013) due to inadequacy fix for (CVE-2021-41773) - allows remote unauth… twitter.com/i/web/status/1… 2021-10-07 23:02:00
Twitter Icon @astr0baby CVE-2021-42013 - This is how you can get an interactive shell via Metasploit (cmd/unix/reverse_bash payload exampl… twitter.com/i/web/status/1… 2021-10-07 23:09:09
Twitter Icon @RandomDhiraj Meet CVE-2021-42013 on Apache 2.4.50 update to 2.4.51 :) https://t.co/MALQzXzyOD 2021-10-07 23:10:15
Twitter Icon @Horizon3ai Same day service! #NodeZero now detects, exploits, and proves the latest #Apache HTTP Server vuln (CVE-2021-42013)… twitter.com/i/web/status/1… 2021-10-07 23:11:29
Twitter Icon @roman_soft RCE exploit both for Apache 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013): [email protected]:~# curl 'http://192.168… twitter.com/i/web/status/1… 2021-10-07 23:13:08
Twitter Icon @itsecurityco Since there is already exploit in Nuclei for #CVE-2021-42013, we share with you our payloads: 1. %%32%65%%32%65 2.… twitter.com/i/web/status/1… 2021-10-07 23:20:31
Twitter Icon @RkoAurelio New vulnerability that allows Remote Code Execution (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server 2.4.49 a… twitter.com/i/web/status/1… 2021-10-08 00:04:11
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 123 times. twitter.com/USCERT_gov/sta… #pow2rtrtwwcve 2021-10-08 00:06:01
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/iamamoose/stat… #pow1rtrtwwcve 2021-10-08 00:06:01
Twitter Icon @yamory_sec Apache HTTP Server CVE-2021-41773の脆弱性への修正が不完全だったため、2.4.51で再度修正が行われ、CVE-2021-42013として公開されています。 リモートコード実行に繋がる恐れもあります… twitter.com/i/web/status/1… 2021-10-08 00:42:25
Twitter Icon @christinayiotis “Vulnerabilities (CVE-2021-41773) & CVE-2021-42013) have been identified in Apache HTTP Server, one of the most com… twitter.com/i/web/status/1… 2021-10-08 01:38:47
Twitter Icon @A_zs_Blog 【追記】 パストラバーサルおよびリモートコード実行の脆弱性(CVE-2021-42013):パストラバーサルの脆弱性の修正が不十分であることが確認されました。 a-zs.net/apache_http_se… 2021-10-08 01:39:21
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 37 times. twitter.com/roman_soft/sta… #pow1rtrtwwcve 2021-10-08 02:06:00
Twitter Icon @ohhara_shiojiri 「更新: 2021年10月8日追記 本脆弱性の修正として提供したバージョン2.4.50に、別のパストラバーサルの脆弱性(CVE-2021-42013)があることが判明したことを発表し、本脆弱性を修正するバージョン2.4.51をリリースしました。」 2021-10-08 02:47:32
Twitter Icon @ken1no Apache HTTPD 2.4.51がリリースされました。パストラバーサル及びリモートからのコード実行の脆弱性(CVE-2021-42013)が修正されています。 「インストールするもの」を更新しました。 http2.try-and-test.net/install.html#a… 2021-10-08 03:06:21
Twitter Icon @k1rou 「vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server 2.4.49 and 2.4.50」→Apache Releases HTTP Ser… twitter.com/i/web/status/1… 2021-10-08 03:30:32
Twitter Icon @CCNADailyTIPS RCE exploit both for Apache 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013): POC... We got a Reverse Shell! youtu.be/WSVcuV2Wc58 2021-10-08 03:32:45
Twitter Icon @catnap707 わずか3日、「Apache HTTPD」が再修正 - 前回修正は不十分、あらたにRCEのおそれも:Security NEXT security-next.com/130520 “CVE番号「CVE-2021-42013」があらたに… twitter.com/i/web/status/1… 2021-10-08 03:41:14
Twitter Icon @chybeta CVE-2021-42013 & CVE-2021-41773 Apache HTTPd  Path Traversal and Remote Code Execution https://t.co/kKhaIBSzpp 2021-10-08 03:50:32
Twitter Icon @AusCERT Additional fixes to Apache HTTP Server for CVE-2021-41773, which is tracked as CVE-2021-42013 Bulletin:… twitter.com/i/web/status/1… 2021-10-08 04:08:04
Twitter Icon @ymzkei5 Apache HTTP Server 2.4.50 の「別のパストラバーサル」の脆弱性( CVE-2021-42013 )、%%32%45 や %%32%65 や %2%45 や %2%65 や %%32e や %%32E といっ… twitter.com/i/web/status/1… 2021-10-08 04:12:12
Twitter Icon @oubon21120991 Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 05:03:09
Twitter Icon @nilab 「本脆弱性の修正として提供したバージョン2.4.50に、別のパストラバーサルの脆弱性(CVE-2021-42013)があることが判明したことを発表し、本脆弱性を修正するバージョン2.4.51をリリース」 Apache HTTP… twitter.com/i/web/status/1… 2021-10-08 05:03:54
Twitter Icon @MasafumiNegishi 脆弱性の修正が不十分だった今回の問題は、IIJ の SOC メンバーが(も)発見し報告しました。GJ! Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 –… twitter.com/i/web/status/1… 2021-10-08 05:29:47
Twitter Icon @0xhunster CVE-2021-42013 & CVE-2021-41773 Apache HTTPd  Path Traversal and Remote Code Execution #Apache #vulnerability https://t.co/v7eurGOex0 2021-10-08 05:41:01
Twitter Icon @RapidSafeguard Reproduce CVE-2021-42013 Apache 2.4.50 path traversal vulnerability. Path traversal vulnerability GET /cgi-bin/%%… twitter.com/i/web/status/1… 2021-10-08 05:48:01
Twitter Icon @ohhara_shiojiri Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 05:49:31
Twitter Icon @80vul See the patch on the patch again:incomplete fix of CVE-2021-41773 --> CVE-2021-42013 httpd.apache.org/security/vulne… So Apache 2.4.50 also fell 2021-10-08 05:50:50
Twitter Icon @nekochanSec555 Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ… twitter.com/i/web/status/1… 2021-10-08 05:51:39
Twitter Icon @piyokango Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 05:52:06
Twitter Icon @IIJ_PR #セキュリティ 情報発信サイト「wizSafe Security Signal」に「Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見」を掲載しました。 IIJ… twitter.com/i/web/status/1… 2021-10-08 06:18:36
Twitter Icon @IIJ_ITS 「Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター」 IIJ SOCのアナリスト熊坂駿吾が報告したCVE-2021-42013の紹介と、本報告に関係するS… twitter.com/i/web/status/1… 2021-10-08 06:21:11
Twitter Icon @tongson Patch for CVE-2021-41773 introduces RCE. Patch now for CVE-2021-42013. A patchy server indeed. 2021-10-08 06:21:58
Twitter Icon @IIJ_PR 「IIJ Engineers Blog」に「Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター」を掲載しました。 ぜひご覧ください。… twitter.com/i/web/status/1… 2021-10-08 06:22:30
Twitter Icon @IIJ_doumae Apache HTTP Server 2.4.50の脆弱性"CVE-2021-42013"の発見は、IIJ SOC(セキュリティオペレーションセンター)の業務の一環として行われました。IIJ SOCの脆弱性調査の模様を、別記事にて… twitter.com/i/web/status/1… 2021-10-08 06:39:46
Twitter Icon @RaulRenales Vulnerabilidad en Apache (2.4.49) que permitiría a un atacante exfiltrar información. CVE-2021-42013 httpd.apache.org/security/vulne… 2021-10-08 06:44:08
Twitter Icon @RyoTa63292153 “更新:Apache HTTP Server の脆弱性対策について(CVE-2021-41773, CVE-2021-42013):IPA 独立行政法人 情報処理推進機構” (1 user) htn.to/4967on9TX2 2021-10-08 06:45:01
Twitter Icon @0xhunster RCE exploit both for Apache 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013): curl 'host.com/cgi-bin/.%%32%…' --d… twitter.com/i/web/status/1… 2021-10-08 06:46:55
Twitter Icon @hinoshiba ご報告 CVE-2021-42013の発見者1人として名を残しました。お溢れみたいな発見でしたが、自身の中で目標としていた“2年以内にCVE発見に関わる”をクリアできました。 自身の所属会社での記事を宣伝します。 記事内に、少し… twitter.com/i/web/status/1… 2021-10-08 06:47:12
Twitter Icon @gweeperx Exploiting #RCE exploit for #Apache 2.4.49 (#CVE-2021-41773) and 2.4.50 (CVE-2021-42013) in windows machine.… twitter.com/i/web/status/1… 2021-10-08 06:51:17
Twitter Icon @nerccu #Apache has released Apache #HTTP Server 2.4.51 to address vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apac… twitter.com/i/web/status/1… 2021-10-08 06:52:17
Twitter Icon @m01e_exp @stanner_austin @chybeta The PoC of CVE-2021-42013 has been published in Twitter... You can search it. 2021-10-08 07:18:48
Twitter Icon @kinyuka 『WAF「Scutum」では、CVE-2021-42013の脆弱性についても、既存の防御機能により本脆弱性公開前から攻撃を防御できていることを確認しております。』 scutum.jp/information/te… 2021-10-08 07:25:40
Twitter Icon @kinyuka Apacheのど派手な脆弱性2連発(CVE-2021-41773,CVE-2021-42013)でしたが、幸いScutumではどちらもゼロデイ防御可能なものでした。2つめはけっこう止められなかったWAFもあるんじゃないかな? twitter.com/kinyuka/status… 2021-10-08 07:27:30
Twitter Icon @vx_herm1t Patch your apache! CVE-2021-42013 https://t.co/nyxakqmzz0 2021-10-08 07:30:09
Twitter Icon @ManiarViral Host and IP Address count for Apache 2.4.50: 3K & 6K RCE in Apache 2.4.49 & 2.4.50 (Works… twitter.com/i/web/status/1… 2021-10-08 07:31:42
Twitter Icon @timb_machine @Ax_Sharma @hackerfantastic @wdormann Looks like it's been confirmed with latest advisory (CVE-2021-42013):… twitter.com/i/web/status/1… 2021-10-08 07:40:13
Twitter Icon @magiauk Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 ift.tt/3AndgUs 2021-10-08 07:51:53
Twitter Icon @ka0com Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 - wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 08:00:56
Twitter Icon @ka0com Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog - eng-blog.iij.ad.jp/archives/10987 2021-10-08 08:02:08
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 30 times. twitter.com/chybeta/status… #pow1rtrtwwcve 2021-10-08 08:06:01
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 23 times. twitter.com/MasafumiNegish… #pow1rtrtwwcve 2021-10-08 08:06:01
Twitter Icon @omokazuki PoC(CVE-2021-42013)と動画を追加 Apache HTTP Serverの脆弱性情報(Critical: CVE-2021-42013, Important: CVE-2021-41773, Moderate:… twitter.com/i/web/status/1… 2021-10-08 08:25:23
Twitter Icon @omokazuki PoC(CVE-2021-42013)動画をアップしました。 #sios_tech #security #vulnerability #セキュリティ #脆弱性 #apache #httpd #web youtube.com/watch?v=PqlAj6… 2021-10-08 08:28:00
Twitter Icon @nekochanSec555 Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog eng-blog.iij.ad.jp/archives/10987 2021-10-08 08:42:40
Twitter Icon @kabukawa _φ(・_・ Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 09:47:19
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-08 09:55:02
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 12 times. twitter.com/piyokango/stat… #pow1rtrtwwcve 2021-10-08 10:06:00
Twitter Icon @emilstahl @CFCSsitcen Den nye RCE er CVE-2021-42013 (incomplete fix af CVE-2021-41773) seclists.org/oss-sec/2021/q… - værd at nævne. 2021-10-08 10:12:43
Twitter Icon @waiha8 “Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見” htn.to/3kHqhoGjUP 2021-10-08 10:34:37
Twitter Icon @cyberkendra Apache HTTP Zero-day CVE-2021-41773 fix Bypassed With CVE-2021-42013 cyberkendra.com/2021/10/apache… #Apache #security #bugbounty #zeroday 2021-10-08 10:40:25
Twitter Icon @evrnyalcin Apache 2.4.50 (CVE-2021-42013) RCE playground github.com/RedSection/poc… #bugbountytips 2021-10-08 10:45:52
Twitter Icon @takahoyo Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ… twitter.com/i/web/status/1… 2021-10-08 11:24:51
Twitter Icon @MASA89434701 Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 11:31:19
Twitter Icon @prywatnik Zdalne wykonanie kodu na serwerach Apache: ( openwall.com/lists/oss-secu…). curl 'http://X/cgi-bi… twitter.com/i/web/status/1… 2021-10-08 11:47:43
Twitter Icon @cybersec2030 مهم ⚠️ ? Active scanning of #Apache HTTP Server CVE-2021-41773 & CVE-2021-42013 is ongoing and expected to accelera… twitter.com/i/web/status/1… 2021-10-08 11:47:56
Twitter Icon @lukOlejnik Remote code execution in Apache HTTP Server (). curl 'http://X/cgi-bin/.%%32%65/.%%32%65/.%%… twitter.com/i/web/status/1… 2021-10-08 11:48:54
Twitter Icon @Mekhalleh I just update the PoC to introduce the CVE-2021-42013 (Traversal/RCE into Apache 2.4.49/2.4.50) Support more check… twitter.com/i/web/status/1… 2021-10-08 12:27:00
Twitter Icon @kunio99 めっちゃやり方書いてある!! Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- I… twitter.com/i/web/status/1… 2021-10-08 12:30:04
Twitter Icon @LuciferAlpha Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 12:36:24
Twitter Icon @burnworks “Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見” (16 users) htn.to/3MQnH6ATHg 2021-10-08 13:02:27
Twitter Icon @_wix1 github.com/projectdiscove… 2021-10-08 13:12:47
Twitter Icon @MAlajab ?اذا كنت تستخدم Apache HTTP Server قم بتحديثه واغلاق الثغرات CVE-2021-41773 & CVE-2021-42013. حيث يقوم المهاجمين ب… twitter.com/i/web/status/1… 2021-10-08 13:57:16
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/RapidSafeguard… #pow1rtrtwwcve 2021-10-08 14:06:00
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/IIJ_ITS/status… #pow1rtrtwwcve 2021-10-08 14:06:01
Twitter Icon @astr0baby A short video demo of the CVE-2021-42013 Apache 2.4.50 POC youtu.be/MFBUuJyWPkk 2021-10-08 14:06:03
Twitter Icon @yousukezan CVE-2021-42013は俺が見つけた的なこと世界のあちこちで言ってる人がいそう 2021-10-08 14:27:40
Twitter Icon @sjmsteffann @enoclue Ubuntu claims they are not vulnerable to CVE-2021-41773 here: ubuntu.com/security/CVE-2… 2021-10-08 14:37:44
Twitter Icon @miki158s Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 15:22:26
Twitter Icon @magiauk Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog ift.tt/3amGDvA 2021-10-08 15:51:38
Twitter Icon @osamah_Alshaya RCE exploit both for Apache 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013). Have fun ? and secure your work en… twitter.com/i/web/status/1… 2021-10-08 16:36:22
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 11 times. twitter.com/ymzkei5/status… #pow1rtrtwwcve 2021-10-08 18:06:00
Twitter Icon @yumetov CVE-2021-41773, CVE-2021-42013 jpcert.or.jp/at/2021/at2100… 2021-10-08 19:20:15
Twitter Icon @it_hatebu Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog eng-blog.iij.ad.jp/archives/10987 2021-10-08 19:40:05
Twitter Icon @cyb3rops The reason for the second fix to Apache server version 2.4.51 (CVE-2021-42013) https://t.co/3uAGZTzFnz 2021-10-08 19:53:58
Twitter Icon @r00t_nasser CVE-2021-42013) apache 2.4.49. vs apache 2.4.50 #BugBounty #infosec https://t.co/zD3WOJzWIx 2021-10-08 20:01:59
Twitter Icon @DragonJAR Algunos Payloads para el CVE-2021-42013 de Apache 2.4.50 t.me/dragonjar/10187 añádelo a tu Burpbounty Free o PRO twitter.com/BurpBounty/sta… 2021-10-08 20:05:33
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/Mekhalleh/stat… #pow1rtrtwwcve 2021-10-08 20:06:01
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/MAlajab/status… #pow1rtrtwwcve 2021-10-08 20:06:01
Twitter Icon @it_hatebu Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-08 21:05:06
Twitter Icon @tmhwq “Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog” htn.to/4uQr8gVcJH 2021-10-08 21:07:05
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-08 21:48:02
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-08 21:48:03
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-08 21:48:04
Twitter Icon @teramako “Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見” htn.to/26MnBCmbwK 2021-10-08 22:05:42
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 47 times. twitter.com/cyb3rops/statu… #pow1rtrtwwcve 2021-10-08 22:06:00
Twitter Icon @nerubesa Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 ift.tt/3AndgUs 2021-10-08 23:29:16
Twitter Icon @kontonb Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog eng-blog.iij.ad.jp/archives/10987 2021-10-09 00:30:36
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-09 00:47:32
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-09 00:47:33
Twitter Icon @d34dr4bbit add. Apache 2.4.49 CVE-2021-41773 and Apache 2.4.50 CVE-2021-42013 – SCANNER/TRAVERSAL/RCE by mekhalleh · Pull Requ… twitter.com/i/web/status/1… 2021-10-09 00:47:51
Twitter Icon @stm_si Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog eng-blog.iij.ad.jp/archives/10987 2021-10-09 00:49:01
Twitter Icon @shimau_ CVE-2021-42013へのこの流れってウェブ路地でもやってたよな なんやねん 2021-10-09 02:40:12
Twitter Icon @yoshiteru NowBrowsing: "更新:Apache HTTP Server の脆弱性対策について(CVE-2021-41773, CVE-2021-42013):IPA 独立行政法人 情報処理推進機構" ipa.go.jp/security/ciadr… 2021-10-09 04:04:58
Twitter Icon @infosec_90 #أمن_المعلومات #برمجة Apache HTTP Server 2.4.49 and 50 - Path Traversal CVE-2021-41773 /.%2e CVE-2021-42013 /.%%3… twitter.com/i/web/status/1… 2021-10-09 05:18:18
Twitter Icon @suzu_GBA2003 2.4.50だめだったんか Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-09 07:26:19
Twitter Icon @onyphe This many #Apache 2.4.49/2.4.50: 350,000+ #CVE-2021-41773 #CVE-2021-42013 https://t.co/hBHz6vBmUv 2021-10-09 09:11:28
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 121 times. twitter.com/cyb3rops/statu… #pow2rtrtwwcve 2021-10-09 10:06:00
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 10 times. twitter.com/infosec_90/sta… #pow1rtrtwwcve 2021-10-09 10:06:01
Twitter Icon @hmoud1996 @eng_bunawaf يوجد تحديثين مختلفة يمكنك الاطلاع ⤵️? CVE-2021-41773 CVE-2021-42013 2021-10-09 11:56:58
Twitter Icon @Mawg0ud New based #vulnerability identifier, CVE-2021-42013, it builds on CVE-2021-41773, which was a vulnerability in… twitter.com/i/web/status/1… 2021-10-09 12:04:29
Twitter Icon @ka0com Dockerを使ってCVE-2021-42013を検証する - nekotosec.com/validate-cve-2… 2021-10-09 12:25:48
Twitter Icon @djinh @satefan Everything is a joke: 2021-10-09 12:40:23
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 1 days ago and retweeted 10 times. twitter.com/snyff/status/1… #pow1rtrtwwcve 2021-10-09 14:06:00
Twitter Icon @0x009AD6_810 オレもオレもCVE-2021-42013 2021-10-09 14:28:44
Twitter Icon @piyokango はてなブログに投稿しました #はてなブログ Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-09 18:18:42
Twitter Icon @muupapa Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-09 18:41:14
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-09 18:48:32
Twitter Icon @tethys_seesaa Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-09 22:55:50
Twitter Icon @hands_of_cat 修正が不十分だから、CVE-2021-42013 が公開された。ただそれも不十分の模様。 Red Hat はそもそもの脆弱性の影響を受けないので、影響受けないんだろうな。 RHEL8 は、v2.4.37 をベースに Red H… twitter.com/i/web/status/1… 2021-10-09 23:27:15
Twitter Icon @matiere Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 00:05:36
Twitter Icon @ipssignatures The vuln CVE-2021-42013 has a tweet created 0 days ago and retweeted 15 times. twitter.com/piyokango/stat… #pow1rtrtwwcve 2021-10-10 00:06:00
Twitter Icon @lemonade_air Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 数日前に話題になっていたやつだ。自分の検証環境で後で試してみる。 2021-10-10 00:55:47
Twitter Icon @matsuu_zatsu Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 01:27:28
Twitter Icon @tak_mita New post: 【後で読みたい!】更新:Apache HTTP Server の脆弱性対策について(CVE-2021-41773, CVE-2021-42013) taksbar.link/?p=179868 2021-10-10 02:08:44
Twitter Icon @ton960 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 02:39:07
Twitter Icon @ka0com Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 02:46:48
Twitter Icon @magiauk Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog ift.tt/30cUova 2021-10-10 02:51:54
Twitter Icon @aiujp1985 Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog eng-blog.iij.ad.jp/archives/10987 2021-10-10 03:24:32
Twitter Icon @it_hatebu Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 05:00:03
Twitter Icon @equinox79 “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” htn.to/2WxGdpp71P 2021-10-10 05:22:57
Twitter Icon @yomoyomo Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… パス(ディレクトリ)トラバーサ… twitter.com/i/web/status/1… 2021-10-10 05:26:59
Twitter Icon @miraihack “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” htn.to/3ym3Gcb2no 2021-10-10 05:33:05
Twitter Icon @shunta08101 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 05:34:48
Twitter Icon @sutest1101 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 05:54:17
Twitter Icon @ohhara_shiojiri Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 06:36:14
Twitter Icon @modokey “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” htn.to/3rKd8dWkqz 2021-10-10 06:45:56
Twitter Icon @modokey “Apache httpdの脆弱性“CVE-2021-42013”の発見と報告 – IIJ セキュリティオペレーションセンター | IIJ Engineers Blog” htn.to/21EFtXmzD7 2021-10-10 06:48:20
Twitter Icon @hsur Apache httpd の脆弱性に注意(CVE-2021-42013): Apache httpd 2.4.50 のリリースから数日しか経っていませんが、2.4.51 がリリース... blog.cles.jp/item/12768?utm… 2021-10-10 06:52:10
Twitter Icon @hernanespinoza ? Active scanning of Apache HTTP Server CVE-2021-41773 & CVE-2021-42013 is ongoing and expected to accelerate, like… twitter.com/i/web/status/1… 2021-10-10 07:48:52
Twitter Icon @nmatayoshi Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 09:04:17
Twitter Icon @t_motooka まとめ助かる / “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” htn.to/3xvZKCt31a 2021-10-10 09:52:36
Twitter Icon @bashgrylls @NevenaSofranic Jesi li patch-ovala ove nove propuste? CVE-2021-42013 ? Sada znaš iz iskustva iz sna (snilog iskus… twitter.com/i/web/status/1… 2021-10-10 10:16:08
Twitter Icon @avalon1982 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた piyolog.hatenadiary.jp/entry/2021/10/… b.hatena.ne.jp/entry/s/piyolo… 2021-10-10 13:03:07
Twitter Icon @HAL_CSIRT 【更新:Apache HTTP Server の脆弱性対策について(CVE-2021-41773, CVE-2021-42013)】 ・バージョン 2.4.50 にて、修正が不十分であることが公表(CVE-2021-42013)さ… twitter.com/i/web/status/1… 2021-10-10 13:05:10
Twitter Icon @nerubesa Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog ift.tt/30cUova 2021-10-10 13:29:59
Twitter Icon @TheXXLMAN Apache server version 2.4.51 (CVE-2021-42013) https://t.co/fjeJGWJIP9 2021-10-10 14:47:25
Twitter Icon @sakuranbon50 はいきた! 私の仕事が増えるやーつ? #お仕事の話 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 14:54:00
Twitter Icon @RyoTa63292153 1件のコメント b.hatena.ne.jp/entry?url=http… “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” (39 u… twitter.com/i/web/status/1… 2021-10-10 16:18:39
Twitter Icon @tukaelu 1件のコメント b.hatena.ne.jp/entry?url=http… “Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog” (42 u… twitter.com/i/web/status/1… 2021-10-10 20:45:49
Twitter Icon @creadpag Path Traversal Zero-Day en Apache HTTP Server | CVE-2021-41773|CVE-2021-42013 creadpag.com/2021/10/path-t… #cve… twitter.com/i/web/status/1… 2021-10-10 21:54:03
Twitter Icon @yosilove Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 22:29:21
Twitter Icon @yk_style2011 他のスコアが高い脆弱性は、このサイトぐらい詳しく情報を提供してほしいなって常々思う。 特に攻撃方法とか。 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめ… twitter.com/i/web/status/1… 2021-10-10 23:06:45
Twitter Icon @kaakaa_hoe_prog Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-10 23:49:19
Twitter Icon @kit1t Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 00:15:11
Twitter Icon @oha000 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 00:24:10
Twitter Icon @tamosan 夜行性インコさんのまとめ。先日から騒ぎになっているApacheの脆弱性について。PoCへのリンクもあり:Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめて… twitter.com/i/web/status/1… 2021-10-11 00:58:54
Twitter Icon @giw_news Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 01:45:24
Twitter Icon @taku888infinity Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 02:26:15
Twitter Icon @ksk_bfb Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 04:13:52
Twitter Icon @tsaka1 ふむふむ。。。 RT: Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 04:29:42
Twitter Icon @seo_jp_news Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた – piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 05:23:05
Twitter Icon @Pyo0072 Apache HTTP Server の深刻な脆弱性CVE-2021-41773とCVE-2021-42013についてまとめてみた - piyolog piyolog.hatenadiary.jp/entry/2021/10/… 2021-10-11 06:49:41
Twitter Icon @Securityblog GitHub - andrea-mattioli/apache-exploit-CVE-2021-42013: Exploit with integrated shodan search github.com/andrea-mattiol… 2021-10-11 08:33:20
Twitter Icon @iamamoose Apache 2.4.49/2.4.50 postmortem CVE-2021-41773 and CVE-2021-42013 github.com/icing/blog/blo… 2021-10-11 08:50:11
Twitter Icon @ueyasu Apache HTTP Server 2.4.50におけるパストラバーサル脆弱性(CVE-2021-42013)の発見 – wizSafe Security Signal -安心・安全への道標- IIJ wizsafe.iij.ad.jp/2021/10/1285/ 2021-10-11 10:05:42
Twitter Icon @hands_of_cat CVE-2021-41773, CVE-2021-42013 "Apache/2.4.50" country:"JP" 361件 "Apache/2.4.51" country:"JP" 316件 対策したサーバ、増えたな。 ※… twitter.com/i/web/status/1… 2021-10-11 10:29:16
Twitter Icon @oss_security Re: CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fi… twitter.com/i/web/status/1… 2021-10-11 12:50:33
Twitter Icon @GlegExploitPack ZDA pack + Canvas in action: videos for Apache 2.4.49 RCE CVE-2021-41773, 2.4.50 RCE CVE-2021-42013 : vimeo.com/user7532837/vi… 2021-10-11 13:26:24
Twitter Icon @XakepRU Разработчики Apache подготовили дополнительный патч для свежей 0-day уязвимости xakep.ru/2021/10/11/cve… https://t.co/mNutjBXFpf 2021-10-11 16:30:45
Twitter Icon @IT_news_for_all Разработчики Apache подготовили дополнительный патч для свежей 0-day уязвимости xakep.ru/2021/10/11/cve…...… twitter.com/i/web/status/1… 2021-10-11 16:39:06
Twitter Icon @Mohamed87Khayat For automatic search for the new critical apache vuln cve-2021-41773& cve-2021-42013 Use this : github tool for poc… twitter.com/i/web/status/1… 2021-10-11 17:48:46
Twitter Icon @qualys Apache HTTP Server Path Normalization and Remote Code Execution (RCE) Vulnerability (CVE-2021-42013)… twitter.com/i/web/status/1… 2021-10-11 19:00:09
Twitter Icon @linuxtoday UPDATE NOW: CVE-2021-42013 Vulnerability in Apache httpd Allows Access Outside the Site Root Directory linuxtoday.com/developer/upda… #Linux 2021-10-11 20:01:00
Reddit Logo Icon /r/sysadmin Apache Releases HTTP Server version 2.4.51 to Address Vulnerabilities Under Exploitation 2021-10-07 21:29:38
Reddit Logo Icon /r/SecOpsDaily Apache HTTP Server CVE-2021-42013 and CVE-2021-41773 Exploited 2021-10-22 07:29:33
Reddit Logo Icon /r/torchsecuritynet Apache HTTP Server 2.4.50 CVE-2021-42013 Exploitation 2021-11-30 04:17:43
Reddit Logo Icon /r/snort Directory Traversal rule 2021-12-09 03:10:18
Reddit Logo Icon /r/SecOpsDaily Apache Directory Traversal CVE-2021-41773 and CVE-2021-42013 Exploit 2022-08-03 20:58:19
© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report