CVE-2021-47731 - Vulnerability Details

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Selea	Carplateserver Izero Box Full Izero Box Full Firmware Izero Column Entry\/8 Izero Column Entry\/8 Firmware Izero Column Full\/8 Izero Column Full\/8 Firmware Targa 504 Targa 504 Firmware Targa 512 Targa 512 Firmware Targa 704 Ilb Targa 704 Ilb Firmware Targa 704 Tkm Targa 704 Tkm Firmware Targa 710 Inox Targa 710 Inox Firmware Targa 750 Targa 750 Firmware Targa 805 Targa 805 Firmware Targa Ip Ocr-anpr Camera Targa Semplice Targa Semplice Firmware

Configuration 1 [-]

AND

cpe:2.3:o:selea:izero_box_full_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_box_full:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:selea:izero_column_entry\/8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_column_entry\/8:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:selea:izero_column_full\/8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_column_full\/8:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:selea:targa_504_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_504:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:selea:targa_512_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_512:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:selea:targa_704_ilb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_704_ilb:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:selea:targa_704_tkm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_704_tkm:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:selea:targa_710_inox_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_710_inox:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:selea:targa_750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_750:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:selea:targa_805_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_805:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:selea:targa_semplice_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_semplice:-:*:*:*:*:*:*:*

Configuration 12 [-]

OR	cpe:2.3:a:selea:carplateserver:3.005\(191112\):::::::*
	cpe:2.3:a:selea:carplateserver:3.005\(191206\):::::::*
	cpe:2.3:a:selea:carplateserver:3.100\(200225\):::::::*
	cpe:2.3:a:selea:carplateserver:4.013\(201105\):::::::*

No data.

References

Link	Providers
https://github.com/zeroscience
https://www.exploit-db.com/exploits/49455
https://www.selea.com
https://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-configuration-overwrite
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php

History

Mon, 23 Feb 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Selea carplateserver Selea izero Box Full Selea izero Box Full Firmware Selea izero Column Entry\/8 Selea izero Column Entry\/8 Firmware Selea izero Column Full\/8 Selea izero Column Full\/8 Firmware Selea targa 504 Selea targa 504 Firmware Selea targa 512 Selea targa 512 Firmware Selea targa 704 Ilb Selea targa 704 Ilb Firmware Selea targa 704 Tkm Selea targa 704 Tkm Firmware Selea targa 710 Inox Selea targa 710 Inox Firmware Selea targa 750 Selea targa 750 Firmware Selea targa 805 Selea targa 805 Firmware Selea targa Semplice Selea targa Semplice Firmware
CPEs		cpe:2.3:a:selea:carplateserver:3.005\(191112\):::::::* cpe:2.3:a:selea:carplateserver:3.005\(191206\):::::::* cpe:2.3:a:selea:carplateserver:3.100\(200225\):::::::* cpe:2.3:a:selea:carplateserver:4.013\(201105\):::::::* cpe:2.3:h:selea:izero_box_full:-:::::::* cpe:2.3:h:selea:izero_column_entry\/8:-:::::::* cpe:2.3:h:selea:izero_column_full\/8:-:::::::* cpe:2.3:h:selea:targa_504:-:::::::* cpe:2.3:h:selea:targa_512:-:::::::* cpe:2.3:h:selea:targa_704_ilb:-:::::::* cpe:2.3:h:selea:targa_704_tkm:-:::::::* cpe:2.3:h:selea:targa_710_inox:-:::::::* cpe:2.3:h:selea:targa_750:-:::::::* cpe:2.3:h:selea:targa_805:-:::::::* cpe:2.3:h:selea:targa_semplice:-:::::::* cpe:2.3:o:selea:izero_box_full_firmware:-:::::::* cpe:2.3:o:selea:izero_column_entry\/8_firmware:-:::::::* cpe:2.3:o:selea:izero_column_full\/8_firmware:-:::::::* cpe:2.3:o:selea:targa_504_firmware:-:::::::* cpe:2.3:o:selea:targa_512_firmware:-:::::::* cpe:2.3:o:selea:targa_704_ilb_firmware:-:::::::* cpe:2.3:o:selea:targa_704_tkm_firmware:-:::::::* cpe:2.3:o:selea:targa_710_inox_firmware:-:::::::* cpe:2.3:o:selea:targa_750_firmware:-:::::::* cpe:2.3:o:selea:targa_805_firmware:-:::::::* cpe:2.3:o:selea:targa_semplice_firmware:-:::::::*
Vendors & Products		Selea carplateserver Selea izero Box Full Selea izero Box Full Firmware Selea izero Column Entry\/8 Selea izero Column Entry\/8 Firmware Selea izero Column Full\/8 Selea izero Column Full\/8 Firmware Selea targa 504 Selea targa 504 Firmware Selea targa 512 Selea targa 512 Firmware Selea targa 704 Ilb Selea targa 704 Ilb Firmware Selea targa 704 Tkm Selea targa 704 Tkm Firmware Selea targa 710 Inox Selea targa 710 Inox Firmware Selea targa 750 Selea targa 750 Firmware Selea targa 805 Selea targa 805 Firmware Selea targa Semplice Selea targa Semplice Firmware
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Wed, 10 Dec 2025 21:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Selea Selea targa Ip Ocr-anpr Camera
Vendors & Products		Selea Selea targa Ip Ocr-anpr Camera

Wed, 10 Dec 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 09 Dec 2025 21:00:00 +0000

Type	Values Removed	Values Added
Description		Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.
Title		Selea Targa IP Camera Developer Backdoor Configuration Overwrite
Weaknesses		CWE-306
References		https://github.com/zeroscience https://www.exploit-db.com/exploits/49455 https://www.selea.com https://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-configuration-overwrite https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-12-09T20:47:02.420Z

Updated: 2025-12-10T16:48:33.470Z

Reserved: 2025-12-07T20:10:09.804Z

Link: CVE-2021-47731

Vulnrichment

Updated: 2025-12-10T15:50:40.610Z

NVD

Status : Analyzed

Published: 2025-12-09T21:15:51.707

Modified: 2026-02-23T18:53:51.337

Link: CVE-2021-47731

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object