The host is installed with Apache HTTP Server 2.4.49 or 2.4.50 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle a issue in path normalization. Successful exploitation could allow attackers to use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives, and it could leads to remote code execution by enabling the aliased pathes of CGI scripts.