Rewterz Threat Alert – REvil Strikes Again – Active IOCs
June 16, 2021Rewterz Threat Advisory – Cisco Small Business 220 Series Smart Switches Vulnerability
June 17, 2021Rewterz Threat Alert – REvil Strikes Again – Active IOCs
June 16, 2021Rewterz Threat Advisory – Cisco Small Business 220 Series Smart Switches Vulnerability
June 17, 2021Severity
Medium
Analysis Summary
CVE-2021-30641
Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with ‘MergeSlashes OFF. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation
Impact
- Unauthorized Access
- Code Execution
Affected Vendors
Apache
Affected Products
- Apache HTTP Server versions 2.4.39 to 2.4.46
Remediation
For Apache HTTP Server upgrade to version 2.4.48 or above.
http://httpd.apache.org/security/vulnerabilities_24.html