CVSS 3.1 Score 7.5 of 10 (high)


Published Oct 5, 2021
Updated: Nov 7, 2023


CVE-2021-41773 is a vulnerability found in Apache HTTP Server 2.4.49 that allows for path traversal attacks, potentially leading to remote code execution. This vulnerability affects Apache 2.4.49 and not earlier versions. If files outside of the directories configured by Alias-like directives are not protected by the default configuration, these attacks can succeed. It is worth noting that this issue has been observed to be exploited in the wild. The fix provided in Apache HTTP Server 2.4.50 was found to be incomplete, as indicated by CVE-2021-42013.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2021-41773 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options