Web Application FirewallApache.HTTP.Server.cgi-bin.Path.Traversal
Description
This indicates an attack attempt to exploit a Path Traversal Vulnerability in Apache HTTP Server.
The vulnerability is due to a path normalisation error in Apache HTTP Server. Successful exploitation can potentially lead to information disclosure.
Outbreak Alert
Apache webservers running an older and vulnerable version of Apache 2.4.49 and 2.4.50 are still deployed on various could platforms. According to Shodan, 6000+ webservers could still be vulnerable to a path traversal attack and can eventually lead to remote code execution.
View the full Outbreak Alert Report
View the full Outbreak Alert Report
Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities. According to Fortinet research analysis the most recent distribution of Zerobot includes additional capabilities such a new DDoS attack capabilities and exploiting Apache vulnerabilities.
View the full Outbreak Alert Report
FortiGuard Labs continue to observe widespread activity of Androxgh0st Malware in the wild exploiting multiple vulnerabilities, specifically targeting- the PHPUnit (CVE-2017-9841), Laravel Framework (CVE-2018-15133) and Apache Web Server (CVE-2021-41773) to spread and conduct information gathering attacks on the target networks
Affected Products
Apache HTTP Server 2.4.49, 2.4.50
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://httpd.apache.org/security/vulnerabilities_24.html
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-09-16 | 1.00038 |
| ID | 1002017273 |
| Created | Sep 16, 2022 |
| Updated | Sep 16, 2022 |
| Outbreak Alert | Apache Path Traversal CISAtop20_PRC2022 Zerobot Attack Androxgh0st Malware |
| Risk |
|
| Default Action | deny |
| Active | |
| Affected OS | Windows, Linux, BSD |
| Affected App | Apache |