CVE-2021-47728
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-02-23
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| selea | izero_box_full_firmware | * |
| selea | izero_column_entry/8_firmware | * |
| selea | izero_column_full/8_firmware | * |
| selea | targa_504_firmware | * |
| selea | targa_512_firmware | * |
| selea | targa_704_ilb_firmware | * |
| selea | targa_704_tkm_firmware | * |
| selea | targa_710_inox_firmware | * |
| selea | targa_750_firmware | * |
| selea | targa_805_firmware | * |
| selea | targa_semplice_firmware | * |
| selea | carplateserver | 3.005(191112) |
| selea | carplateserver | 3.005(191206) |
| selea | carplateserver | 3.100(200225) |
| selea | carplateserver | 4.013(201105) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the vulnerable utils.php endpoint for command injection via the 'addr' and 'port' HTTP GET parameters. One approach is to send crafted HTTP requests to the utils.php page with injected shell commands in these parameters and observe if arbitrary commands execute. For example, using curl or similar tools to send requests that include shell commands in 'addr' or 'port' parameters can help detect exploitation. Additionally, monitoring network traffic for unusual requests to utils.php with suspicious parameter values can indicate attempts to exploit this vulnerability. Specific commands might include sending payloads that attempt to execute simple commands like 'id' or 'whoami' via these parameters to verify if command injection is possible. [2, 3, 5]
Can you explain this vulnerability to me?
This vulnerability is an unauthenticated command injection in the utils.php file of the Selea Targa IP OCR-ANPR Camera. Remote attackers can exploit the 'addr' and 'port' parameters to inject arbitrary shell commands. By chaining local file inclusion techniques, attackers can gain access as the www-data user.
How can this vulnerability impact me?
An attacker exploiting this vulnerability can execute arbitrary shell commands on the affected device without authentication, potentially leading to unauthorized control, data compromise, or disruption of the device's operation.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the affected Selea Targa IP OCR-ANPR cameras to the latest firmware versions where the vulnerability has been fixed, as acknowledged by the vendor. If updates are not immediately available, restrict network access to the vulnerable devices, especially blocking access to the utils.php endpoint from untrusted networks. Implement network-level controls such as firewalls or VLAN segmentation to limit exposure. Additionally, monitor for suspicious activity targeting the 'addr' and 'port' parameters and consider disabling or restricting the vulnerable functionality if possible until a patch is applied. [5]
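The detection and mitigation answers above both come down to the same defensive control: watch for requests to utils.php whose 'addr' and 'port' parameters carry anything other than a host and a TCP port. The following Python is an added example that is not part of this record or of Selea's firmware; it scans web-server access-log lines (Combined Log Format) for requests to utils.php and flags parameter values outside an allow-list (IP address or hostname for addr, 1-65535 for port), naming any shell metacharacters found. The log format, the sample log lines and the allow-list are assumptions, since the page does not document the product's accepted syntax for these parameters.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (Combined Log Format); the client
# addresses, timestamps and request lines are made up for this example.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Dec/2025:10:01:02 +0000] "GET /utils.php?addr=192.168.1.20&port=80 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [10/Dec/2025:10:01:07 +0000] "GET /utils.php?addr=192.168.1.20%3Bid&port=80 HTTP/1.1" 200 640 "-" "curl/7.88.1"
10.0.0.9 - - [10/Dec/2025:10:01:09 +0000] "GET /utils.php?addr=127.0.0.1&port=80%60whoami%60 HTTP/1.1" 200 640 "-" "curl/7.88.1"
10.0.0.7 - - [10/Dec/2025:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
10.0.0.8 - - [10/Dec/2025:10:02:30 +0000] "GET /utils.php?addr=camera.example.internal&port=8080 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Combined Log Format: client, ident, user, [timestamp], "request line", status, ...
LOG_LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Allow-list for what a legitimate value of each parameter should look like.
# Assumed from the parameter names (addr = host, port = TCP port); the real
# product's accepted syntax is not documented in the advisory.
HOSTNAME_RE = re.compile(r'^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$')
# Characters that have meaning to a POSIX shell and never belong in a host or port.
SHELL_META = set(';|&`$(){}<>\n\r\'"\\ \t')


def valid_addr(value):
    """True if value is an IP literal (v4 or v6) or a plain hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return HOSTNAME_RE.fullmatch(value) is not None


def valid_port(value):
    """True if value is a decimal TCP port in 1..65535."""
    return value.isdigit() and 1 <= int(value) <= 65535


VALIDATORS = {'addr': valid_addr, 'port': valid_port}


def check_utils_request(target):
    """Inspect a request target such as '/utils.php?addr=...&port=...'.

    Returns a list of (param, value, reason) tuples; an empty list means the
    request is not for utils.php or every checked value passed the allow-list.
    """
    parts = urlsplit(target)
    if not parts.path.lower().endswith('/utils.php'):
        return []
    findings = []
    # parse_qs percent-decodes, so encoded metacharacters are seen as-is.
    params = parse_qs(parts.query, keep_blank_values=True)
    for name, validator in VALIDATORS.items():
        for value in params.get(name, []):
            if validator(value):
                continue
            meta = sorted(set(value) & SHELL_META)
            reason = ('shell metacharacter(s) %r' % ''.join(meta)
                      if meta else 'value outside allow-list')
            findings.append((name, value, reason))
    return findings


def scan_log(text):
    """Run check_utils_request over every parseable line; return findings."""
    results = []
    for line in text.splitlines():
        m = LOG_LINE_RE.match(line)
        if not m:
            continue
        for name, value, reason in check_utils_request(m['target']):
            results.append({'client': m['client'], 'time': m['ts'],
                            'param': name, 'value': value, 'reason': reason})
    return results


if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG):
        print('%(time)s %(client)s utils.php %(param)s=%(value)r: %(reason)s' % f)
```

The check is an allow-list rather than a metacharacter deny-list on purpose: a value that is neither an IP literal, a hostname nor a port number is reported even if it uses an encoding or separator the deny-list did not anticipate, and the metacharacter set only serves to make the reason string more specific. Pointing `scan_log` at the device's own web-server log, or at a reverse proxy in front of it, gives the monitoring the mitigation answer asks for; the same validators are also the shape of the server-side input check that closes a CWE-78 bug of this kind.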