GCVE - cpe:2.3:a:selea:selea_carplateserver_(cps):*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:selea:selea_carplateserver_(cps):*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Selea (`49ab403d-27a6-575d-8c0f-e0b0f6f6b329`)
Product	Selea Carplateserver (Cps) (`a2a26896-2eae-5322-ad0a-3b16919ceddd`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-36904`	vulnerable	2026-06-03 14:42:40.236740	Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint HIGH (7.5) Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands. Published: 2025-12-31T18:39:08.542Z Updated: 2026-01-02T20:16:14.728Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/49452 https://www.selea.com https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5622.php https://www.vulncheck.com/advisories/selea-carplateserver-remote-program-execution-via-configuration-endpoint	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-36903`	vulnerable	2026-06-03 14:42:40.236370	Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path HIGH (8.4) Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during application startup or reboot. Published: 2025-12-31T18:39:08.084Z Updated: 2026-01-02T20:17:18.554Z Open on db.gcve.eu Reference links https://www.exploit-db.com/exploits/49453 https://www.selea.com https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5621.php https://www.vulncheck.com/advisories/selea-carplateserver-local-privilege-escalation-via-unquoted-service-path	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.