CVE-2021-47731

high-risk
Published 2025-12-09

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.

Do I need to act?

-
0.11% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (15)

Izero Box Full Firmware
Izero Column Entry\/8 Firmware
Izero Column Full\/8 Firmware
Targa 504 Firmware
Targa 512 Firmware
Targa 704 Ilb Firmware
Targa 704 Tkm Firmware
Targa 710 Inox Firmware
Targa 750 Firmware
Targa 805 Firmware
Targa Semplice Firmware
Carplateserver
Carplateserver
Carplateserver
Carplateserver

Affected Vendors

Selea

References (5)

Not Applicable https://github.com/zeroscience
Exploit https://www.exploit-db.com/exploits/49455
Product https://www.selea.com
Third Party Advisory https://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-co...
Third Party Advisory https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php
50
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 0/34 · Minimal
Exposure 18/34 · Moderate