CVE-2021-41773 – Apache web server Path traversal
This past Monday, October 4th, Apache disclosed a vulnerability introduced on Apache HTTP Server 2.4.49 known as CVE-2021-41773. At the same time, update 2.4.50 was released, fixing this vulnerability. The vulnerability allows an attacker to bypass Path traversal protections, using encoding, and read arbitrary files on the webserver’s file system. Both Linux and Windows servers running this version of Apache are affected.