CVE-2025-34022 PUBLISHED

Selea Targa IP OCR-ANPR Camera Path Traversal

Assigner: VulnCheck
Reserved: 15.04.2025 Published: 20.06.2025 Updated: 20.06.2025

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
CVSS Score: 9.3

Product Status

Vendor Selea
Product Targa IP OCR-ANPR Camera
Versions Default: unaffected
  • Version BLD201113005214 is affected
  • Version BLD201106163745 is affected
  • Version BLD200304170901 is affected
  • Version BLD200304170514 is affected
  • Version BLD200303143345 is affected
  • Version BLD191118145435 is affected
  • Version BLD191021180140 is affected
  • Version CPS 4.013(201105) is affected
  • Version CPS 3.100(200225) is affected
  • Version CPS 3.005(191206) is affected
  • Version CPS 3.005(191112) is affected

Credits

  • Gjoko Krstic finder

References

Problem Types

  • CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE

Impacts

  • CAPEC-126 Path Traversal