• Creation
  • Validation
  • Communication & fix
  • Disclosure

Payspective / Apache 2.4.49 vulnerable to CVE-2021-41773

reported 2021-10-08

Your server was found vulnerable to CVE-2021-41773.

Attackers can read any file from your server.

Under some circumstances attackers are able to execute code on your server.

IP:
35.156.77.165
Port:
443
Detected protocol:
https
Found host file trough Apache traversal:
127.0.0.1 localhost
127.0.0.1 www.payspective.com payspective.com

# the following lines are desirable for ipv6 capable hosts
#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts
127.0.0.1	www.payspective.com payspective.com
Found by Apache2449TraversalPlugin 2021-10-08
Report created by    linkks  2021-10-08
Report edited by    linkks  2021-10-08
Report edited by    BloodyShell  2021-10-08
Report approved by    BloodyShell  2021-10-08
New PDF report generated by system 2021-10-08
Report edited by    BloodyShell  2021-10-08
New PDF report generated by system 2021-10-08
Report dispatched to ...@... by system 2021-10-08
BloodyShell commented 2021-10-09: approved shows in report

Richard Rosser and Nick Patterson have been contacted through linkedin

New PDF report generated by system 2021-10-09
Report comment dispatched to linkks by system 2021-10-09
Report comment dispatched to info@payspective.com by system 2021-10-09
Report marked as fixed by    BloodyShell  2021-10-13
Report closed by    BloodyShell  2021-10-13
New PDF report generated by system 2021-10-13
Information
Owner Payspective
Created 2021-10-08 11:25
Updated 2021-10-13 15:02
Fixed true

Contacts
i...@payspective.com

Status
Status closed
Hosting contacted false
CERT contacted false

Download report