{
	"id": "b0fab625-4b91-4d66-8dc2-ccd6dc8f085b",
	"created_at": "2026-04-06T00:09:20.691929Z",
	"updated_at": "2026-04-10T03:21:59.002465Z",
	"deleted_at": null,
	"sha1_hash": "3d46a128b98517b1cbcf984e5d7e68e41c367e38",
	"title": "CAPEC-563: Add Malicious File to Shared Webroot (Version 3.9)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 39165,
	"plain_text": "CAPEC-563: Add Malicious File to Shared Webroot (Version 3.9)\r\nArchived: 2026-04-05 15:46:47 UTC\r\n Description\r\nAn adversaries may add malicious content to a website through the open file share and then browse to that content with a\r\nweb browser to cause the server to execute the content. The malicious content will typically run under the context and\r\npermissions of the web server process, often resulting in local system or administrative privileges depending on how the\r\nweb server is configured.\r\n Relationships\r\nThis table shows the other attack patterns and high level categories that are related to this attack pattern. These\r\nrelationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels\r\nof abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack\r\npatterns that the user may want to explore.\r\nNature Type\r\nChildOf Standard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It\r\nThis table shows the views that this attack pattern belongs to and top level categories within that view.\r\n Mitigations\r\nEnsure proper permissions on directories that are accessible through a web server. Disallow remote access to the web root.\r\nDisable execution on directories within the web root. Ensure that permissions of the web server process are only what is\r\nrequired by not using built-in accounts and instead create specific accounts to limit unnecessary access or permissions\r\noverlap across multiple systems.\r\n Taxonomy Mappings\r\nCAPEC mappings to ATT\u0026CK techniques leverage an inheritance model to streamline and minimize direct\r\nCAPEC/ATT\u0026CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has relevant\r\nATT\u0026CK mappings. Note that the ATT\u0026CK Enterprise Framework does not use an inheritance model as part of the\r\nmapping to CAPEC.\r\nRelevant to the ATT\u0026CK taxonomy mapping (see parent )\r\n Content History\r\nSubmissions\r\nSubmission Date Submitter Organization\r\n2015-11-09\r\n(Version 2.7)\r\nCAPEC Content Team The MITRE Corporation\r\nModifications\r\nModification Date Modifier Organization\r\n2019-04-04\r\n(Version 3.1)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated Related_Weaknesses\r\n2020-07-30\r\n(Version 3.3)\r\nCAPEC Content Team The MITRE Corporation\r\nUpdated Taxonomy_Mappings\r\nMore information is available — Please select a different filter.\r\nhttps://capec.mitre.org/data/definitions/563.html\r\nPage 1 of 2\n\nSource: https://capec.mitre.org/data/definitions/563.html\r\nhttps://capec.mitre.org/data/definitions/563.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://capec.mitre.org/data/definitions/563.html"
	],
	"report_names": [
		"563.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434160,
	"ts_updated_at": 1775791319,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/3d46a128b98517b1cbcf984e5d7e68e41c367e38.pdf",
		"text": "https://archive.orkl.eu/3d46a128b98517b1cbcf984e5d7e68e41c367e38.txt",
		"img": "https://archive.orkl.eu/3d46a128b98517b1cbcf984e5d7e68e41c367e38.jpg"
	}
}