Rewterz Threat Advisory – CVE-2020-24363 – TP-Link TL-WA855RE denial of service
September 2, 2020Rewterz Threat Alert – SharePoint and OneNote Being Used to Harvest Credentials
September 3, 2020Rewterz Threat Advisory – CVE-2020-24363 – TP-Link TL-WA855RE denial of service
September 2, 2020Rewterz Threat Alert – SharePoint and OneNote Being Used to Harvest Credentials
September 3, 2020Severity
Medium
Analysis Summary
CVE-2020-5777
MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections (default 151) is lower than Apache (or another web server) setting MaxRequestWorkers (formerly MaxClients) (default 256).
CVE-2020-5776
All versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
Impact
- Remote code execution
- Cross Site Request Forgery
Affected Vendors
Magmi
Affected Products
MAGMI versions prior to 0.7.24
Remediation
The fix for CVE-2020-5777 is update to MAGMI version 0.7.24 whereas, there is no known solution for CVE-2020-5776 at this time.