ГлавнаяУязвимости → CVE-2021-47731
9.8критическая

CVE-2021-47731

Описание

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite device settings.

Затрагиваемое ПО
Selea Izero box full firmwareSelea Izero box fullSelea Izero column entry\/8 firmwareSelea Izero column entry\/8Selea Izero column full\/8 firmwareSelea Izero column full\/8Selea Targa 504 firmwareSelea Targa 504Selea Targa 512 firmwareSelea Targa 512Selea Targa 704 ilb firmwareSelea Targa 704 ilbSelea Targa 704 tkm firmwareSelea Targa 704 tkmSelea Targa 710 inox firmwareSelea Targa 710 inoxSelea Targa 750 firmwareSelea Targa 750Selea Targa 805 firmwareSelea Targa 805Selea Targa semplice firmwareSelea Targa sempliceSelea Carplateserver
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/zerosciencehttps://www.exploit-db.com/exploits/49455https://www.selea.comhttps://www.vulncheck.com/advisories/selea-targa-ip-camera-developer-backdoor-configuration-overwritehttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5615.php