CVE-2021-47730
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-02-24
Assigner: VulnCheck
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| selea | izero_box_full_firmware | * |
| selea | izero_column_entry/8_firmware | * |
| selea | izero_column_full/8_firmware | * |
| selea | targa_504_firmware | * |
| selea | targa_512_firmware | * |
| selea | targa_704_ilb_firmware | * |
| selea | targa_704_tkm_firmware | * |
| selea | targa_710_inox_firmware | * |
| selea | targa_750_firmware | * |
| selea | targa_805_firmware | * |
| selea | targa_semplice_firmware | * |
| selea | carplateserver | 3.005(191112) |
| selea | carplateserver | 3.005(191206) |
| selea | carplateserver | 3.100(200225) |
| selea | carplateserver | 4.013(201105) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a cross-site request forgery (CSRF) in the Selea Targa IP OCR-ANPR Camera that allows attackers to create administrative users without authentication. An attacker can craft a malicious web page that, when visited by a logged-in user, submits a form to add a new admin user with full system privileges.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP POST requests to the camera's 'save_params.php' endpoint that include multipart/form-data content with configuration files attempting to add new administrative users. Specifically, look for suspicious POST requests that contain user credentials or rights level parameters indicating admin creation. Network traffic analysis tools like Wireshark or tcpdump can be used to capture such HTTP requests. For example, using tcpdump to filter HTTP POST requests to the camera's IP: tcpdump -i <interface> -A 'tcp port 80 and (((ip dst <camera_ip>) and (tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x504f5354)))' and then inspecting the payload for 'save_params.php' and user creation parameters. Additionally, checking the camera's user list via its web interface or API for unexpected admin users can help detect exploitation. [1, 3, 5]
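As an added illustration of the detection described in this answer (example code written for this page, not from BaseFortify, Selea or any cited source), the Python below scores a captured HTTP request against the indicators named above: a POST to save_params.php, multipart/form-data content and user/rights form fields, plus an Origin/Referer check, since a forged request is submitted by the victim's browser from a page on another site. The camera hostname, the form field names and the sample requests are constructed assumptions.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

CAMERA_HOST = "camera.example.internal"  # assumed hostname of the monitored camera

@dataclass
class HttpRequest:
    method: str
    path: str
    headers: dict
    body: str = ""

def csrf_indicators(req: HttpRequest, camera_host: str = CAMERA_HOST) -> list:
    """Indicators that a request looks like a forged user-creation POST to save_params.php."""
    hits = []
    if req.method.upper() != "POST" or not req.path.endswith("save_params.php"):
        return hits
    if req.headers.get("Content-Type", "").lower().startswith("multipart/form-data"):
        hits.append("multipart upload to save_params.php")
    # A forged request is launched from a page on another site, so the browser's
    # Origin/Referer names a host other than the camera itself.
    for name in ("Origin", "Referer"):
        host = urlsplit(req.headers.get(name, "")).hostname
        if host and host != camera_host:
            hits.append(f"{name} host {host!r} is not the camera")
    # Form parts suggesting a user or rights change (field names are assumed;
    # the real Selea parameter names are not given on the page).
    if re.search(r'name="(user|username|password|rights|level)"', req.body, re.I):
        hits.append("form fields suggest user/rights change")
    return hits

def scan(requests) -> list:
    """Indices of requests with two or more indicators (a UI config save hits only the multipart check)."""
    return [i for i, r in enumerate(requests) if len(csrf_indicators(r)) >= 2]

# Constructed samples (not real captures): a normal config save from the camera's
# own UI, a forged user-creation POST referred from another site, unrelated traffic.
MP = "multipart/form-data; boundary=b"
SAMPLES = [
    HttpRequest("POST", "/save_params.php",
                {"Content-Type": MP, "Origin": "http://camera.example.internal"},
                '--b\r\nContent-Disposition: form-data; name="config"; '
                'filename="params.xml"\r\n\r\n<params/>\r\n--b--'),
    HttpRequest("POST", "/save_params.php",
                {"Content-Type": MP, "Referer": "http://attacker.example/page.html"},
                '--b\r\nContent-Disposition: form-data; name="user"\r\n\r\nnewadmin\r\n'
                '--b\r\nContent-Disposition: form-data; name="rights"\r\n\r\nadmin\r\n--b--'),
    HttpRequest("GET", "/index.php", {}),
]
```

The headers and body are only visible to a network sensor when the camera is reached over plain HTTP (port 80, as in the tcpdump filter above); for HTTPS the same checks have to run on a proxy or on the camera's own access log.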
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Updating the camera firmware and CPS software to the latest versions where the vendor has addressed this vulnerability, as most issues were reviewed and fixed in newer releases. 2) Restricting access to the camera's web interface to trusted networks only, preventing exposure to untrusted users. 3) Educating users to avoid visiting untrusted or suspicious websites while logged into the camera's interface to reduce the risk of CSRF attacks. 4) Implementing network-level protections such as firewall rules to block unauthorized HTTP POST requests to the camera's administrative endpoints. 5) If possible, disabling or limiting the web interface functionality that allows user creation until patches are applied. [3, 5]
How can this vulnerability impact me?
The vulnerability can allow attackers to gain administrative access to the affected camera system without authentication. This can lead to unauthorized control over the device, potentially compromising the security and functionality of the system.