QwikSec

Security Database

CVE

CWE

Training

CVE-2021-47728

Published: Dec 9, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Selea Targa IP OCR-ANPR Camera contains an unauthenticated command injection vulnerability in utils.php that allows remote attackers to execute arbitrary shell commands. Attackers can exploit the 'addr' and 'port' parameters to inject commands and gain www-data user access through chained local file inclusion techniques.

Vendor	Product	Versions
Selea	Selea Targa IP OCR-ANPR Camera	affected `Unknown`

Weaknesses (CWE)

References

ExploitDB-49460

exploit

product

Zero Science Lab Disclosure (ZSL-2021-5620)

third-party-advisory

Zero Science GitHub Repository

product

VulnCheck Advisory: Selea Targa IP Camera Remote Code Execution via Utils

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.