A powerful and reliable exploit tool for Apache HTTP Server vulnerabilities CVE-2021-41773 and CVE-2021-42013. This tool provides remote code execution capabilities on vulnerable Apache 2.4.49 and 2.4.50 servers.

### 🚀 Overview
This exploit tool targets path traversal and remote code execution vulnerabilities in Apache HTTP Server versions 2.4.49 and 2.4.50. The tool uses a curl backend to bypass URL encoding issues that affect other Python-based exploit attempts, providing reliable exploitation even when other tools fail.
### ⚡ Features
- 🔧 Multiple Payload Support: Tests various exploitation paths and techniques
- 💻 Interactive Shell: Full interactive command execution with auto-completion
- 🔄 Auto Reverse Shell: Automatic reverse shell generation with multiple payload types
- 🔍 System Reconnaissance: Quick system information gathering and enumeration
- 🚀 Curl Backend: Bypasses URL encoding limitations that break other tools
- 🖥️ Cross-Platform: Works on Linux, Windows, and macOS
- 📦 No Dependencies: Uses only built-in Python libraries and system tools
- 🎯 Smart Detection: Automatically detects Apache version and vulnerability status
### 🎯 Vulnerabilities
```
CVE-2021-41773
Affected Versions: Apache 2.4.49
Description: Path traversal vulnerability allowing access to files outside web root
CVSS Score: 7.5 (High)
Impact: Information disclosure, limited file access
```
```
CVE-2021-42013
Affected Versions: Apache 2.4.50
Description: Remote Code Execution vulnerability when CGI is enabled
CVSS Score: 9.8 (Critical)
Impact: Full system compromise, arbitrary command execution
```
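A defender-side check for the path traversal class described above, as an added example that is not part of this repository: it scans access-log request paths, percent-decodes them repeatedly, and flags `..` segments that only appear after decoding. The log lines are constructed, and the function names and the three-round decode limit are assumptions.

```python
import re
from urllib.parse import unquote

# Request line and status inside a Common/Combined Log Format entry.
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
MAX_ROUNDS = 3  # assumption: decode at most three layers of percent-encoding

# Constructed sample log lines (documentation IP range), not captured traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [28/Oct/2025:18:59:44 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '203.0.113.7 - - [28/Oct/2025:18:59:45 +0000] "GET /icons/.%2e/%2e%2e/etc/hosts HTTP/1.1" 200 220',
    '203.0.113.7 - - [28/Oct/2025:18:59:46 +0000] "GET /icons/%252e%252e/etc/hosts HTTP/1.1" 403 199',
    '203.0.113.7 - - [28/Oct/2025:18:59:47 +0000] "GET /docs/../about.html HTTP/1.1" 200 512',
]


def decode_rounds(path):
    """Percent-decode until the value stops changing; return (decoded, rounds)."""
    rounds = 0
    while rounds < MAX_ROUNDS:
        decoded = unquote(path)
        if decoded == path:
            break
        path, rounds = decoded, rounds + 1
    return path, rounds


def classify(line):
    """Return a finding dict if the path hides '..' segments behind encoding."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    raw = m.group("target").split("?", 1)[0]
    decoded, rounds = decode_rounds(raw)
    hidden = decoded.split("/").count("..") - raw.split("/").count("..")
    if hidden <= 0:
        return None
    status = int(m.group("status"))
    # A 2xx answer means the server served the request: triage these first.
    return {"path": raw, "decoded": decoded, "rounds": rounds,
            "status": status, "served": 200 <= status < 300}


def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Findings with `served` set to true on a host running 2.4.49 or 2.4.50 are the ones to investigate first; a `rounds` value above 1 indicates layered encoding.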
### 📥 Installation
```bash
# Clone the repository
git clone https://github.com/FakhriCRD/apache-cve-2021-42013-exploit.git
cd apache-cve-2021-42013-exploit

# Make executable
chmod +x exploit.py

# Verify curl is available (required)
curl --version

# No additional Python dependencies required!
```

#### Requirements
- Python 3.6+
- curl (system command)
- netcat (for reverse shell functionality)
### 🛠️ Usage
#### Basic Syntax
```bash
python3 apache_exploit.py -u <TARGET_URL> [OPTIONS]
```

#### Options
| Option | Description | Example |
|--------|-------------|---------|
| `-u`, `--url` | Target URL (required) | `-u http://target.com` |
| `-c`, `--command` | Execute single command | `-c "whoami"` |
| `-i`, `--interactive` | Start interactive shell | `-i` |
| `-r`, `--reverse` | Auto generate reverse shell | `-r` |
| `-s`, `--scan` | Perform system reconnaissance | `-s` |
| `-lh`, `--lhost` | Local IP for reverse shell | `-lh 192.168.1.100` |
| `-lp`, `--lport` | Local port for reverse shell | `-lp 4444` |

```
[4.0K] /data/pocs/098276c34a05eb64477b75a9316cb751ac8c40a6
├── [ 10K] exploit.py
└── [2.4K] README.md
1 directory, 2 files
```