CVE-2025-34022

UNKNOWN 0.0

Selea Targa IP OCR-ANPR Camera Path Traversal

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

CWE	CWE-22
Vendor	selea
Product	targa ip ocr-anpr camera
Published	Jun 20, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for selea targa ip ocr-anpr camera

Be the first to know when new unknown vulnerabilities affecting selea targa ip ocr-anpr camera are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Selea / Targa IP OCR-ANPR Camera

BLD201113005214 BLD201106163745 BLD200304170901 BLD200304170514 BLD200303143345 BLD191118145435 BLD191021180140 CPS 4.013(201105) CPS 3.100(200225) CPS 3.005(191206) CPS 3.005(191112)

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php packetstorm.news: https://packetstorm.news/files/id/161057 cxsecurity.com: https://cxsecurity.com/issue/WLB-2021010165 exploit-db.com: https://www.exploit-db.com/exploits/49456 selea.com: https://www.selea.com vulncheck.com: https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal

Credits

Gjoko Krstic