DESCRIPTION:
A path transversal flaw (CVE-2021-41773) was found in Apache HTTP server. A remote attacker could use this flaw to map URLs to files outside the expected document root. Additionally this flaw could leak the source of interpreted files like CGI scripts.
AFFECTED RELEASES:
Apache HTTP Server 2.4.49
SOLUTION:
Users and system administrators of affected products are advised to apply the security updates immediately from the following URL:
https://httpd.apache.org/security/vulnerabilities_24.html
REFERENCE:
1. https://httpd.apache.org/security/vulnerabilities_24.html
2. https://thehackernews.com/2021/10/apache-warns-of-zero-day-exploit-in.html