CVE-2021-47731

Summary

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.

Affected Software

VendorProductVersion RangeStatus
Selea s.r.l.Selea Targa IP OCR-ANPR CameraModel: iZeroaffected

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References