CVE-2015-7901

Infinite Automation Mango Automation <2.6.0-430 - Command Injection

Title source: llm

Description

Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED
by James Fitts · rubyremotejsp
https://www.exploit-db.com/exploits/42698
exploitdb WORKING POC
webappsjsp
https://www.exploit-db.com/exploits/38338

References (2)

Scores

EPSS 0.0728
EPSS Percentile 91.7%

Details

CWE
CWE-78
Status published
Products (3)
infinite_automation_systems/mango_automation 2.5.0
infinite_automation_systems/mango_automation 2.5.5
infinite_automation_systems/mango_automation 2.6.0
Published Oct 28, 2015
Tracked Since Feb 18, 2026