CNNVD-202506-2802 Information

CNNVD ID

CNNVD-202506-2802

Related CVE

CVE-2025-34021

• CNNVD Published: 2025-06-20

Description (Chinese)

Selea Targa iZero等都是意大利Selea公司的一款用于自动车牌识别的光学字符识别摄像头。 Selea多款产品存在安全漏洞，该漏洞源于未验证JSON POST参数ipnotify_address和url，可能导致服务端请求伪造攻击。以下产品受到影响：Targa iZero、Targa 512、Targa 504、Targa Semplice、Targa 704 TKM、Targa 805、Targa 710 INOX、Targa 750和Targa 704 ILB。

Description (English)

Selea Targa iZero, among others, is an optical character recognition camera used by the Italian company Selea for the recognition of automatic licence plates. There is a safety gap in multiple Selea products, which stems from the failure to verify JSON POST parameters ipnotify adress and url, which could lead to a request from the service side for a false attack. The following products were affected: Targa i Zero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750 and Targa 704 ILB.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Selea

Published

2025-06-20

Last Modified

2026-02-24

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5617.php https://www.selea.com https://packetstorm.news/files/id/161059 https://www.exploit-db.com/exploits/49457 https://vulncheck.com/advisories/selea-targa-ip-camera-ssrf https://cxsecurity.com/issue/WLB-2021010170 https://access.redhat.com/security/cve/cve-2025-34021