CVE-2021-47728
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2026-02-23

Assigner: VulnCheck

Description
Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local file inclusion techniques.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2026-02-23
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47728
Affected Vendors & Products
Showing 15 associated CPEs
Vendor Product Version / Range
selea izero_box_full_firmware *
selea izero_column_entry/8_firmware *
selea izero_column_full/8_firmware *
selea targa_504_firmware *
selea targa_512_firmware *
selea targa_704_ilb_firmware *
selea targa_704_tkm_firmware *
selea targa_710_inox_firmware *
selea targa_750_firmware *
selea targa_805_firmware *
selea targa_semplice_firmware *
selea carplateserver 3.005(191112)
selea carplateserver 3.005(191206)
selea carplateserver 3.100(200225)
selea carplateserver 4.013(201105)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an unauthenticated command injection in the utils.php file of the Selea Targa IP OCR-ANPR Camera. Remote attackers can exploit the 'addr' and 'port' parameters to inject arbitrary shell commands. By chaining local file inclusion techniques, attackers can gain access as the www-data user.

Impact Analysis

An attacker exploiting this vulnerability can execute arbitrary shell commands on the affected device without authentication, potentially leading to unauthorized control, data compromise, or disruption of the device's operation.

Detection Guidance

This vulnerability can be detected by testing the vulnerable utils.php endpoint for command injection via the 'addr' and 'port' HTTP GET parameters. One approach is to send crafted HTTP requests to the utils.php page with injected shell commands in these parameters and observe if arbitrary commands execute. For example, using curl or similar tools to send requests that include shell commands in 'addr' or 'port' parameters can help detect exploitation. Additionally, monitoring network traffic for unusual requests to utils.php with suspicious parameter values can indicate attempts to exploit this vulnerability. Specific commands might include sending payloads that attempt to execute simple commands like 'id' or 'whoami' via these parameters to verify if command injection is possible. [2, 3, 5]

Mitigation Strategies

Immediate mitigation steps include updating the affected Selea Targa IP OCR-ANPR cameras to the latest firmware versions where the vulnerability has been fixed, as acknowledged by the vendor. If updates are not immediately available, restrict network access to the vulnerable devices, especially blocking access to the utils.php endpoint from untrusted networks. Implement network-level controls such as firewalls or VLAN segmentation to limit exposure. Additionally, monitor for suspicious activity targeting the 'addr' and 'port' parameters and consider disabling or restricting the vulnerable functionality if possible until a patch is applied. [5]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47728. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart