Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.
[
{
"product": "MAGMI",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions of MAGMI"
}
]
}
]