Canadian and Saudi Arabian cybersecurity raised awareness about the ongoing attack targeting the outdated systems. The vulnerability affects all the versions of the versions from SharePoint Server 2010 to through SharePoint 2019. The attackers used China Chopper web shell to access the compromised servers remotely and to issue commands and to manage files on the victim server. The web shell allows an attacker to upload and download any files from the compromised server and to edit, delete, copy, rename and even to change the timestamp of existing files. The organization running share point servers recommended updating the servers to addresses the vulnerability.”]
Source: https://gbhackers.com/hackers-microsoft-sharepoint-servers/