Threat actors are exploiting the vulnerability to drop Web shells and cryptominers, security vendor says.