Apache HTTP Server 2.4.49 Vulnerability

Two days ago, The Apache Foundation disclosed a path traversal and file disclosure flaw in Apache HTTP Server 2.4.49 (an open-source web server for Unix and Windows that is among the most widely used web servers), tracked as CVE-2021-41773, as actively being exploited in the wild. The advisory does not indicate when exploitation of CVE-2021-41773 was detected, but the exploitation drove the expedited release of a patch by Apache.

This is a threat because a bad actor could exploit this vulnerability and gain access to database credentials through the web server, leading to leaked sensitive content, like source code, passwords, configuration files and other confidential information.

These issues only impact Apache HTTP Server 2.2.49, and a patch is now available. It is important that anyone running Apache HTTP Server 2.4.49 update immediately.

If you’re interested in learning more or are impacted by this vulnerability, our security experts are here to help. We’ve got your back!



Ransomware Preparedness Roundtable Offer


Get In Touch

Call Us

For general inquiries, call: 855.ONENECK

Immediate Assistance

Managed services support: 800.272.3077
Non-managed service support: 515.334.5755
Or visit our service desk:
Service Desk Portal

Chat With Us

Hours available: 24/7
Start a Chat

OneNeck Headquarters

525 Junction Road
Madison, WI 53717
View All Locations

Talk to Our Team