{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:23:46.173","vulnerabilities":[{"cve":{"id":"CVE-2021-47728","sourceIdentifier":"disclosure@vulncheck.com","published":"2025-12-09T21:15:51.243","lastModified":"2026-02-23T19:00:13.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local file inclusion techniques."}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:izero_box_full_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3BC5F782-F358-4E13-88CD-8AF6F631D136"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:izero_box_full:-:*:*:*:*:*:*:*","matchCriteriaId":"8736E8B4-238F-4BB9-900A-44D34AEEA244"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:izero_column_entry\\/8_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6A73F7A2-DCD9-42F1-93AE-147703747B9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:izero_column_entry\\/8:-:*:*:*:*:*:*:*","matchCriteriaId":"003FFAA4-87FC-4CA1-B0F7-A4DC1FD8F6AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:izero_column_full\\/8_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"992C33A2-04E4-481D-A336-3850D0A823EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:izero_column_full\\/8:-:*:*:*:*:*:*:*","matchCriteriaId":"0F62AF0A-B754-4DCF-A6B1-34DCEB11B090"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_504_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55482174-E8FD-4003-BABE-A195484C79F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_504:-:*:*:*:*:*:*:*","matchCriteriaId":"8FB2771E-91E8-45C7-9EB2-D84B46F6802D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_512_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4451B5-C9EB-4A7E-8D9A-6F5AA66F43BA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_512:-:*:*:*:*:*:*:*","matchCriteriaId":"22626DE4-BB35-49C9-803B-29B6E017CA02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_704_ilb_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4E50FC5C-4F29-44F2-8A2D-5F362DE0C49C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_704_ilb:-:*:*:*:*:*:*:*","matchCriteriaId":"7FE47FA1-CFF3-475A-BA51-A23D37498B14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_704_tkm_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A0DA6817-4C56-4BBD-8464-2DC57AB4544A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_704_tkm:-:*:*:*:*:*:*:*","matchCriteriaId":"2F28D701-8CB3-4A92-9E33-4D50148E1662"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_710_inox_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"465D7813-07FB-4A76-BF8E-4426DB1ED38B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_710_inox:-:*:*:*:*:*:*:*","matchCriteriaId":"1F5DB1C2-A03D-442A-AE10-8EE98475356C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_750_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AC6357A5-A2DE-4F73-AD3E-0193A75D3E92"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_750:-:*:*:*:*:*:*:*","matchCriteriaId":"4ADD09A6-2FAC-455B-8286-24DCA881267F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_805_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD03B24D-E853-4481-875A-5BC5CC440512"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_805:-:*:*:*:*:*:*:*","matchCriteriaId":"D2B94539-64C0-494C-9B26-8AA7B452F7A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:selea:targa_semplice_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92028D93-2455-4382-8A92-68DCAA06280D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:selea:targa_semplice:-:*:*:*:*:*:*:*","matchCriteriaId":"1EA35E66-8DD4-4105-9644-A34EFD9D1A48"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:selea:carplateserver:3.005\\(191112\\):*:*:*:*:*:*:*","matchCriteriaId":"95F75BB0-462C-4998-B4A6-7F555BFE2BD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:selea:carplateserver:3.005\\(191206\\):*:*:*:*:*:*:*","matchCriteriaId":"A859F4A9-00BD-4B7E-AAE5-CEE848FD2C4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:selea:carplateserver:3.100\\(200225\\):*:*:*:*:*:*:*","matchCriteriaId":"4A2667EB-84A6-457E-A364-5AF8392E4099"},{"vulnerable":true,"criteria":"cpe:2.3:a:selea:carplateserver:4.013\\(201105\\):*:*:*:*:*:*:*","matchCriteriaId":"19269FA0-F4A3-4E25-9B5F-6511C73AE056"}]}]}],"references":[{"url":"https://github.com/zeroscience","source":"disclosure@vulncheck.com","tags":["Not Applicable"]},{"url":"https://www.exploit-db.com/exploits/49460","source":"disclosure@vulncheck.com","tags":["Exploit"]},{"url":"https://www.selea.com","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.vulncheck.com/advisories/selea-targa-ip-camera-remote-code-execution-via-utils","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5620.php","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}}]}