CAPEC-563: Add Malicious File to Shared Webroot
ID
CAPEC-563
Status
Draft
An adversaries may add malicious content to a website through the open file share and then browse to that content with a web browser to cause the server to execute the content. The malicious content will typically run under the context and permissions of the web server process, often resulting in local system or administrative privileges depending on how the web server is configured.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-284 | Improper Access Control | weakness |