Apache offers a popular server hosting facility & has had recent security updates to better address exploits in the wild.  ADMINS should pilot test & update promptly.


Apache HTTP Server 2.4 vulnerabilities – The Apache HTTP Server Project

On October 7, 2021, the Apache Software Foundation released Apache HTTP Server version 2.4.51 to address Path Traversal and Remote Code Execution vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server 2.4.49 and 2.4.50. These vulnerabilities have been exploited in the wild.  CISA urges organizations to patch immediately if they haven’t already—this cannot wait until after the holiday weekend.