CVE-2021-47730
moderate-risk
Published 2025-12-09
Selea Targa IP OCR-ANPR Camera contains a cross-site request forgery vulnerability that allows attackers to create administrative users without authentication. Attackers can craft a malicious web page that submits a form to add a new admin user with full system privileges when a logged-in user visits the page.
Do I need to act?
-
0.13% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (15)
Izero Box Full Firmware
Izero Column Entry\/8 Firmware
Izero Column Full\/8 Firmware
Targa 504 Firmware
Targa 512 Firmware
Targa 704 Ilb Firmware
Targa 704 Tkm Firmware
Targa 710 Inox Firmware
Targa 750 Firmware
Targa 805 Firmware
Targa Semplice Firmware
Carplateserver
Carplateserver
Carplateserver
Carplateserver
Affected Vendors
References (5)
Not Applicable
https://github.com/zeroscience
Product
https://www.selea.com
Third Party Advisory
https://www.vulncheck.com/advisories/selea-targa-ip-camera-cross-site-request-fo...
Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5618.php
49
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
1/34 · Minimal
Exposure
18/34 · Moderate