November 30, 2021
It has been reported that many organizations are being advised to update their Apache HTTP servers after it was discovered that they have been exploited due to a vulnerability. The issue can be exploited by remote attackers to execute arbitrary code. A flaw has been discovered in Apache HTTP, which can allow an attacker to execute arbitrary commands by sending a specially crafted request. By sending a customized HTTP request, an attacker can force a mod_proxy module to route traffic to an origin server, which could allow them to access other internal servers without requiring special permissions.
Since there are more than 500,000 servers that run vulnerable versions of HTTP, Fastly pointed out that the issue mostly impacts organizations that use cloud services such as Amazon Web Services and Google Cloud Platform. Several products from Cisco were affected by the exploitation attempts, which the company has identified. The German BSI has issued a warning about a vulnerability in Apache HTTP Server that could allow an attacker to obtain sensitive information from a targeted system. That flaw, which was identified as CVE-2021-41773, allows remote code execution.
Are you ready to take the next one?
Get in touch with DRPSEC and claim your free consultation.
stay updated - stay safe