CVE-2021-47731 - Vulnerability Details

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00066.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Selea s.r.l.

Selea Targa IP OCR-ANPR Camera

unaffected

Version	Status	Constraints
`Model: iZero`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:selea:izero_box_full_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_box_full:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:selea:izero_column_entry\/8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_column_entry\/8:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:selea:izero_column_full\/8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:izero_column_full\/8:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:selea:targa_504_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_504:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:selea:targa_512_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_512:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:selea:targa_704_ilb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_704_ilb:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:selea:targa_704_tkm_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_704_tkm:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:selea:targa_710_inox_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_710_inox:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:selea:targa_750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_750:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:selea:targa_805_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_805:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:selea:targa_semplice_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:selea:targa_semplice:-:*:*:*:*:*:*:*

Configuration 12 [-]

OR	cpe:2.3:a:selea:carplateserver:3.005\(191112\):::::::*
	cpe:2.3:a:selea:carplateserver:3.005\(191206\):::::::*
	cpe:2.3:a:selea:carplateserver:3.100\(200225\):::::::*
	cpe:2.3:a:selea:carplateserver:4.013\(201105\):::::::*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Selea Subscribe	Targa Ip Ocr-anpr Camera Subscribe

Project Subscriptions

Vendors	Products
Selea Subscribe	Carplateserver Subscribe Izero Box Full Subscribe Izero Box Full Firmware Subscribe Izero Column Entry\/8 Subscribe Izero Column Entry\/8 Firmware Subscribe Izero Column Full\/8 Subscribe Izero Column Full\/8 Firmware Subscribe Targa 504 Subscribe Targa 504 Firmware Subscribe Targa 512 Subscribe Targa 512 Firmware Subscribe Targa 704 Ilb Subscribe Targa 704 Ilb Firmware Subscribe Targa 704 Tkm Subscribe Targa 704 Tkm Firmware Subscribe Targa 710 Inox Subscribe Targa 710 Inox Firmware Subscribe Targa 750 Subscribe Targa 750 Firmware Subscribe Targa 805 Subscribe Targa 805 Firmware Subscribe Targa Ip Ocr-anpr Camera Subscribe Targa Semplice Subscribe Targa Semplice Firmware Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/zeroscience
https://www.exploit-db.com/exploits/49455
https://www.selea.com
https://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-configuration-overwrite
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php

History

Mon, 23 Feb 2026 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Selea carplateserver Selea izero Box Full Selea izero Box Full Firmware Selea izero Column Entry\/8 Selea izero Column Entry\/8 Firmware Selea izero Column Full\/8 Selea izero Column Full\/8 Firmware Selea targa 504 Selea targa 504 Firmware Selea targa 512 Selea targa 512 Firmware Selea targa 704 Ilb Selea targa 704 Ilb Firmware Selea targa 704 Tkm Selea targa 704 Tkm Firmware Selea targa 710 Inox Selea targa 710 Inox Firmware Selea targa 750 Selea targa 750 Firmware Selea targa 805 Selea targa 805 Firmware Selea targa Semplice Selea targa Semplice Firmware
CPEs		cpe:2.3:a:selea:carplateserver:3.005\(191112\):::::::* cpe:2.3:a:selea:carplateserver:3.005\(191206\):::::::* cpe:2.3:a:selea:carplateserver:3.100\(200225\):::::::* cpe:2.3:a:selea:carplateserver:4.013\(201105\):::::::* cpe:2.3:h:selea:izero_box_full:-:::::::* cpe:2.3:h:selea:izero_column_entry\/8:-:::::::* cpe:2.3:h:selea:izero_column_full\/8:-:::::::* cpe:2.3:h:selea:targa_504:-:::::::* cpe:2.3:h:selea:targa_512:-:::::::* cpe:2.3:h:selea:targa_704_ilb:-:::::::* cpe:2.3:h:selea:targa_704_tkm:-:::::::* cpe:2.3:h:selea:targa_710_inox:-:::::::* cpe:2.3:h:selea:targa_750:-:::::::* cpe:2.3:h:selea:targa_805:-:::::::* cpe:2.3:h:selea:targa_semplice:-:::::::* cpe:2.3:o:selea:izero_box_full_firmware:-:::::::* cpe:2.3:o:selea:izero_column_entry\/8_firmware:-:::::::* cpe:2.3:o:selea:izero_column_full\/8_firmware:-:::::::* cpe:2.3:o:selea:targa_504_firmware:-:::::::* cpe:2.3:o:selea:targa_512_firmware:-:::::::* cpe:2.3:o:selea:targa_704_ilb_firmware:-:::::::* cpe:2.3:o:selea:targa_704_tkm_firmware:-:::::::* cpe:2.3:o:selea:targa_710_inox_firmware:-:::::::* cpe:2.3:o:selea:targa_750_firmware:-:::::::* cpe:2.3:o:selea:targa_805_firmware:-:::::::* cpe:2.3:o:selea:targa_semplice_firmware:-:::::::*
Vendors & Products		Selea carplateserver Selea izero Box Full Selea izero Box Full Firmware Selea izero Column Entry\/8 Selea izero Column Entry\/8 Firmware Selea izero Column Full\/8 Selea izero Column Full\/8 Firmware Selea targa 504 Selea targa 504 Firmware Selea targa 512 Selea targa 512 Firmware Selea targa 704 Ilb Selea targa 704 Ilb Firmware Selea targa 704 Tkm Selea targa 704 Tkm Firmware Selea targa 710 Inox Selea targa 710 Inox Firmware Selea targa 750 Selea targa 750 Firmware Selea targa 805 Selea targa 805 Firmware Selea targa Semplice Selea targa Semplice Firmware
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Wed, 10 Dec 2025 21:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Selea Selea targa Ip Ocr-anpr Camera
Vendors & Products		Selea Selea targa Ip Ocr-anpr Camera

Wed, 10 Dec 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 09 Dec 2025 21:00:00 +0000

Type	Values Removed	Values Added
Description		Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.
Title		Selea Targa IP Camera Developer Backdoor Configuration Overwrite
Weaknesses		CWE-306
References		https://github.com/zeroscience https://www.exploit-db.com/exploits/49455 https://www.selea.com https://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-configuration-overwrite https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php
Metrics		cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-12-09T20:47:02.420Z

Updated: 2025-12-10T16:48:33.470Z

Reserved: 2025-12-07T20:10:09.804Z

Link: CVE-2021-47731

Vulnrichment

Updated: 2025-12-10T15:50:40.610Z

NVD

Status : Analyzed

Published: 2025-12-09T21:15:51.707

Modified: 2026-02-23T18:53:51.337

Link: CVE-2021-47731

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-12-10T21:33:20Z

Weaknesses

CWE-306

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object