CNNVD-202506-2803 Information

Jun 20, 2025 cve

CNNVD ID

CNNVD-202506-2803

CVE-2025-34022

CNNVD Published: 2025-06-20

Description (Chinese)

Selea Targa iZero等都是意大利Selea公司的一款用于自动车牌识别的光学字符识别摄像头。 Selea多款产品存在安全漏洞，该漏洞源于/common/get_file.php脚本未验证文件参数，可能导致路径遍历攻击。以下产品受到影响：Targa iZero、Targa 512、Targa 504、Targa Semplice、Targa 704 TKM、Targa 805、Targa 710 INOX、Targa 750和Targa 704 ILB。

Description (English)

Selea Targa iZero, among others, is an optical character recognition camera used by the Italian company Selea for the recognition of automatic licence plates. There is a safety loophole in multiple Selea products, which originates from/common/get file.php scripts that do not verify document parameters, which may lead to a routing attack. The following products were affected: Targa i Zero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750 and Targa 704 ILB.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Selea

Published

2025-06-20

Last Modified

2026-02-24

References

https://www.selea.com https://cxsecurity.com/issue/WLB-2021010165 https://packetstorm.news/files/id/161057 https://www.exploit-db.com/exploits/49456 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal https://access.redhat.com/security/cve/cve-2025-34022

Share on: