Apache HTTP version 2.4.49 does not normalize paths correctly allowing an attacker to traverse filepaths on the server. This TTP sends a cURL request containing the location of '/etc/passwd'. If the response matches the output from the local box's '/etc/passwd', then the CVE was successfully exploited.
View Command
To view this TTPs command, you must be logged in with a professional or enterprise license.