ATTACK [PTsecurity] Apache HTTP Server 2.4.49 RCE attempt (CVE-2021-41773)

SID: 10006813Rev: 137 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Apache HTTP Server 2.4.49 RCE attempt (CVE-2021-41773)"; flow:established, to_server; content:"%2e/"; nocase; http_raw_uri; content:"sh"; distance:0; nocase; http_raw_uri; pcre:"/\/(\.|%2e)%2e\//Ii"; content:"POST"; nocase; http_method; reference:cve, 2021-41773; reference:url, twitter.com/lofi42/status/1445382059640434695; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10006813; rev:1;)

References

cve2021-41773
urltwitter.com/lofi42/status/1445382059640434695
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!