CAPEC-563: Add Malicious File to Shared Webroot

An adversaries may add malicious content to a website through the open file share and then browse to that content with a web browser to cause the server to execute the content. The malicious content will typically run under the context and permissions of the web server process, often resulting in local system or administrative privileges depending on how the web server is configured.

Not rated

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-563 (Add Malicious File to Shared Webroot) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-563: Add Malicious File to Shared Webroot

Overview

How to mitigate it

Frequently asked questions

What is CAPEC-563?

How do you prevent CAPEC-563?

What weaknesses does CAPEC-563 target?

References

Defend against CAPEC-563

Overview

How to mitigate it

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-563?

How do you prevent CAPEC-563?

What weaknesses does CAPEC-563 target?

References

Defend against CAPEC-563