Carplateserver
Approved changes feed: RSS · Atom
cpe:2.3:a:selea:carplateserver:3.100\(200225\):*:*:*:*:*:*:*
part: a version: 3.100(200225) update: *
| Vendor | Selea (49ab403d-27a6-575d-8c0f-e0b0f6f6b329) |
|---|---|
| Product | Carplateserver (dc550886-d1ab-552e-b50e-850ec7081bc4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-47731 |
vulnerable | 2026-06-03 14:45:46.928676 |
Selea Targa IP Camera Developer Backdoor Configuration Overwrite
Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.
Published: 2025-12-09T20:47:02.420Z
Updated: 2026-04-07T14:05:49.747Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-47730 |
vulnerable | 2026-06-03 14:45:46.927870 |
Selea Targa IP Camera Cross-Site Request Forgery via Admin Creation
Selea Targa IP OCR-ANPR Camera contains a cross-site request forgery vulnerability that allows attackers to create administrative users without authentication. Attackers can craft a malicious web page that submits a form to add a new admin user with full system privileges when a logged-in user visits the page.
Published: 2025-12-09T20:46:29.807Z
Updated: 2026-04-07T14:05:49.035Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-47729 |
vulnerable | 2026-06-03 14:45:46.926965 |
Selea Targa IP Camera Stored Cross-Site Scripting via Files List
Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'files_list' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/get_file.php with crafted payload to execute arbitrary scripts in victim's browser session.
Published: 2025-12-09T20:45:17.210Z
Updated: 2026-04-07T14:05:47.911Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-47728 |
vulnerable | 2026-06-03 14:45:46.926060 |
Selea Targa IP Camera Remote Code Execution via Utils
Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local file inclusion techniques.
Published: 2025-12-09T20:44:20.450Z
Updated: 2026-04-07T14:05:47.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-47727 |
vulnerable | 2026-06-03 14:45:46.923195 |
Selea Targa IP Camera Unauthenticated Stream Disclosure
Selea Targa IP OCR-ANPR Camera contains an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints like p1.mjpg or p1.264 to view camera footage.
Published: 2025-12-09T20:43:48.814Z
Updated: 2026-04-07T14:05:46.478Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.