Multiple vulnerabilities have been discovered in the Apache HTTP Server

THREAT LEVEL: Amber.

For a detailed advisory, download the pdf file here.

There is a zero-day vulnerability (CVE-2021-41773) and a DoS vulnerability (CVE-2021-41524) in Apache HTTP servers. After a publicly disclosed exploit, the zero-day vulnerability has been actively exploited in the wild. The Hive Pro Threat research team recommends that you address these vulnerabilities as soon as possible.

Vulnerability Details

Patch Link

https://httpd.apache.org/security/vulnerabilities_24.html

References

https://threatpost.com/apache-web-server-zero-day-sensitive-data/175340/