CVE-2021-47731

9.8 CRITICAL

📋 TL;DR

Selea Targa IP OCR-ANPR cameras contain a hidden developer backdoor page protected only by the hard-coded password 'Selea781830'. An attacker who knows the page and the password can upload malicious configuration files and overwrite device settings. All users of affected Selea camera models are vulnerable.

💻 Affected Systems

Products:
  • Selea Targa IP OCR-ANPR Camera
Versions: All versions prior to vendor patch
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. The hidden endpoint exists by design for developer access.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device takeover enabling camera manipulation, disabling security features, installing persistent malware, or using the device as an internal network pivot point.

🟠 Likely Case

Unauthorized configuration changes, camera functionality disruption, credential harvesting, or integration of the device into a botnet.

🟢 If Mitigated

Limited impact due to network segmentation and access controls preventing external access to camera management interfaces.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires knowledge of hidden endpoint URL and hard-coded password. Public exploit code demonstrates configuration upload.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.selea.com

Restart Required: No

Instructions:

Contact Selea support for firmware updates. No official patch details are publicly documented.

🔧 Temporary Workarounds

Network Segmentation (platform: all)

Isolate cameras on separate VLAN without internet access

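Access Control Lists (platform: linux)

Block external access to camera management interfaces

# trusted_network is a placeholder for the management subnet in CIDR form.
# INPUT filters traffic addressed to the host itself; on a gateway routing to the cameras, put the same rules in FORWARD.
iptables -A INPUT -p tcp --dport 80 ! -s trusted_network -j DROP
iptables -A INPUT -p tcp --dport 443 ! -s trusted_network -j DROP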

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate cameras from critical networks
  • Monitor for configuration upload attempts and unauthorized access to camera management interfaces

🔍 How to Verify

Check if Vulnerable:

Attempt to access hidden developer endpoint with hard-coded password 'Selea781830'

Check Version:

Check camera web interface or contact Selea support

Verify Fix Applied:

Verify firmware version against vendor-provided patched version and test that hidden endpoint no longer accepts hard-coded credentials

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts with 'Selea781830'
  • Configuration file uploads via unusual endpoints
  • Unusual configuration changes

Network Indicators:

  • HTTP POST requests to undocumented endpoints
  • Traffic to camera management ports from unauthorized sources

SIEM Query:

source="camera_logs" AND (password="Selea781830" OR endpoint="*developer*" OR action="config_upload")
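
Added example (not from the advisory or the vendor): a Python triage of HTTP access logs for the two network indicators listed above, POST requests to undocumented endpoints and traffic from unauthorized sources. The Combined Log Format input, the trusted range 10.20.0.0/24, the documented-path allowlist and the sample lines (including the placeholder path) are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumptions (not from the advisory): the log format, the trusted range and
# the allowlist of documented paths are constructed for this example.
TRUSTED_NET = ipaddress.ip_network("10.20.0.0/24")
DOCUMENTED_PATHS = {"/", "/index.html", "/login"}  # hypothetical allowlist

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample input; the placeholder path stands in for any URL that
# is not part of the documented management interface.
SAMPLE_LOG = """\
10.20.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512
10.20.0.5 - - [01/Jan/2025:10:00:05 +0000] "POST /login HTTP/1.1" 302 0
192.0.2.44 - - [01/Jan/2025:10:02:11 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.44 - - [01/Jan/2025:10:02:15 +0000] "POST /PLACEHOLDER-undocumented HTTP/1.1" 200 17
10.20.0.9 - - [01/Jan/2025:10:05:00 +0000] "POST /PLACEHOLDER-undocumented?x=1 HTTP/1.1" 401 0
garbage line that does not parse
"""

def triage(log_text):
    """Return (line_no, src, reasons) for each line matching an indicator."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            findings.append((n, None, ["unparsed"]))  # never drop lines silently
            continue
        reasons = []
        try:
            src_ok = ipaddress.ip_address(m["src"]) in TRUSTED_NET
        except ValueError:
            src_ok = False  # hostname or malformed source: treat as untrusted
        if not src_ok:
            reasons.append("unauthorized-source")
        path = m["path"].split("?", 1)[0]  # compare without the query string
        if m["method"] == "POST" and path not in DOCUMENTED_PATHS:
            reasons.append("post-to-undocumented-endpoint")
        if reasons:
            findings.append((n, m["src"], reasons))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A POST to an undocumented path is flagged even when it comes from inside the trusted range, since the hard-coded password works for anyone who can reach the interface.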
