Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE Exploit Author: Lucas Souza https://ls4ss.github.io/ Vendor Homepage: https://apache.org/ Version: 2.4.49, 2.4.50 Tested on: 2.4.49, 2.4.50 CVE : CVE-2021-41773, CVE-2021-42013 Credits: Ash Daulton and the cPanel Security Team Usage ./PoC.sh targets.txt /etc/passwd ./PoC.sh targets.txt /bin/sh "id"
