Skip to content

Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).

Notifications You must be signed in to change notification settings

zerodaywolf/CVE-2021-41773_42013

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2021-41773 and CVE-2021-42013 Lab Setup

Setup

$ git clone https://github.com/vulf/CVE-2021-41773_42013
$ cd CVE-2021-41773_42013
cd to the directory of your choice
$ docker build -t vuln_apache .
$ docker run -d vuln_apache

NOTE: The httpd.conf files are configured to be vulnerable to RCE by default. For only Path Traversal, read this.

For Path Traversal setup

  • Comment the following line in httpd.conf
LoadModule cgid_module modules/mod_cgid.so

About

Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published