CVE-2021-47727 – Selea Targa IP OCR-ANPR cameras contain an unau... (How to Fix)

Q: What is the severity of CVE-2021-47727?

CVE-2021-47727 has a CVSS score of 5.3 (MEDIUM). Selea Targa IP OCR-ANPR cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints to view camera footage. This affects organizations using these cameras for surveillance or ANPR systems.

📋 TL;DR

Selea Targa IP OCR-ANPR cameras contain an unauthenticated vulnerability that allows remote attackers to access live video streams without authentication. Attackers can directly connect to RTP/RTSP or M-JPEG streams by requesting specific endpoints to view camera footage. This affects organizations using these cameras for surveillance or ANPR systems.

💻 Affected Systems

Products:

Selea Targa IP OCR-ANPR Camera

Versions: Specific versions unknown, but likely multiple firmware versions prior to patching

Operating Systems: Embedded camera firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects cameras with the vulnerable firmware when network-accessible; exact model numbers not specified in references.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete loss of video surveillance privacy, enabling attackers to monitor sensitive areas, track individuals/vehicles, and potentially use footage for reconnaissance before physical attacks.

🟠

Likely Case

Unauthorized viewing of camera feeds, compromising privacy and security monitoring, potentially exposing sensitive operations or personal information.

🟢

If Mitigated

Limited to authenticated users only, maintaining proper access controls and surveillance integrity.

🌐 Internet-Facing: HIGH - Cameras exposed to the internet can be directly accessed by any remote attacker without authentication.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could access streams, but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires only HTTP requests to specific endpoints (p1.mjpg, p1.264) without authentication; trivial to automate.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.selea.com

Restart Required: No

Instructions:

Check vendor website for firmware updates; if unavailable, apply workarounds immediately.

🔧 Temporary Workarounds

Network Segmentation

all

Place cameras on isolated VLANs with strict firewall rules blocking external access to camera ports.

Access Control Lists

all

Configure firewall/network devices to allow camera access only from authorized management IPs.

🧯 If You Can't Patch

Disable camera internet exposure and restrict to internal networks only.
Implement VPN for remote access instead of direct camera exposure.

🔍 How to Verify

Check if Vulnerable:

Attempt HTTP GET requests to camera IP on common ports (e.g., 80, 554) for endpoints like /p1.mjpg or /p1.264; if video streams without authentication, vulnerable.

Check Version:

Check camera web interface or firmware settings for version info; vendor-specific.

Verify Fix Applied:

Repeat check; streams should require authentication or return error/denial.

📡 Detection & Monitoring

Log Indicators:

Unusual access to video stream endpoints from unauthorized IPs
Failed authentication attempts followed by stream access

Network Indicators:

RTP/RTSP/M-JPEG traffic from cameras to unexpected external IPs
HTTP requests to p1.mjpg/p1.264 without prior auth

SIEM Query:

source_ip=* dest_ip=camera_ip (http_uri="/p1.mjpg" OR http_uri="/p1.264") AND NOT user_authenticated=true

📊 Metadata

CVE ID: CVE-2021-47727

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE: CWE-306

EPSS Score: 0.45% exploit probability (63.3th percentile)

Published: December 9, 2025

Last Updated: February 23, 2026

🔗 References

https://github.com/Mbed-TLS/mbedtls Not Applicable
https://www.exploit-db.com/exploits/49459 Exploit,Third Party Advisory
https://www.selea.com Product
https://www.vulncheck.com/advisories/selea-targa-ip-camera-unauthenticated-stream-disclosure Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5619.php Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-47727, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Carplateserver by Selea

Carplateserver by Selea

Carplateserver by Selea

Carplateserver by Selea

Izero Box Full Firmware by Selea

Izero Column Entry\/8 Firmware by Selea

Izero Column Full\/8 Firmware by Selea

Targa 504 Firmware by Selea

Targa 512 Firmware by Selea

Targa 704 Ilb Firmware by Selea

Targa 704 Tkm Firmware by Selea

Targa 710 Inox Firmware by Selea

Targa 750 Firmware by Selea

Targa 805 Firmware by Selea

Targa Semplice Firmware by Selea

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Network Segmentation

Access Control Lists

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities