MAGMI (Magento Mass Importer) Plugin CSRF Vulnerability (CVE-2020-5776) Scanner

If you are using MAGMI (Magento Mass Importer) Plugin, it is better to check your system if any vulnerability exists.

Details

Stay Up To Date

Follow @secforeveryone

Asset Type

domain,ip

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

MAGMI (Magento Mass Importer) Plugin CSRF Vulnerability (CVE-2020-5776) Scanner Detail

If you are using MAGMI (Magento Mass Importer) Plugin, it is better to check your system if any vulnerability exists.

Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.

Some Advice for Common Problems

Update your MAGMI (Magento Mass Importer) Plugin, to the latest version to eliminate this vulnerability.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service