Adversaries may abuse legitimate extensible development features of servers to establish persistent access to systems. Enterprise server applications may include features that allow developers to write and install software or scripts to extend the functionality of the main application. Adversaries may install malicious components to extend and abuse server applications.(Citation: volexity_0day_sophos_FW)
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2022-29303 | SolarView Compact Command Injection Vulnerability | exploitation_technique | T1505 | Server Software Component |
Comments
CVE-2022-29303 is a command injection vulnerability within a PHP component in the product's web server.
Reports indicate that the vulnerability have been exploited by operators of Mirai botnet malware.
References
|