Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-34022

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-20 Jun, 2025 | 18:37
Updated At-20 Nov, 2025 | 21:27
Rejected At-
Credits

Selea Targa IP OCR-ANPR Camera Path Traversal

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:20 Jun, 2025 | 18:37
Updated At:20 Nov, 2025 | 21:27
Rejected At:
▼CVE Numbering Authority (CNA)
Selea Targa IP OCR-ANPR Camera Path Traversal

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

Affected Products
Vendor
Selea
Product
Targa IP OCR-ANPR Camera
Modules
  • Web Management Interface (get_file.php download handler)
Default Status
unaffected
Versions
Affected
  • BLD201113005214 (custom)
  • BLD201106163745 (custom)
  • BLD200304170901 (custom)
  • BLD200304170514 (custom)
  • BLD200303143345 (custom)
  • BLD191118145435 (custom)
  • BLD191021180140 (custom)
  • CPS 4.013(201105) (custom)
  • CPS 3.100(200225) (custom)
  • CPS 3.005(191206) (custom)
  • CPS 3.005(191112) (custom)
Problem Types
TypeCWE IDDescription
CWECWE-22CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Type: CWE
CWE ID: CWE-22
Description: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-126CAPEC-126 Path Traversal
CAPEC ID: CAPEC-126
Description: CAPEC-126 Path Traversal
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Gjoko Krstic
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php
third-party-advisory
exploit
https://packetstorm.news/files/id/161057
third-party-advisory
exploit
https://cxsecurity.com/issue/WLB-2021010165
third-party-advisory
exploit
https://www.exploit-db.com/exploits/49456
third-party-advisory
exploit
https://www.selea.com
product
https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal
third-party-advisory
Hyperlink: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php
Resource:
third-party-advisory
exploit
Hyperlink: https://packetstorm.news/files/id/161057
Resource:
third-party-advisory
exploit
Hyperlink: https://cxsecurity.com/issue/WLB-2021010165
Resource:
third-party-advisory
exploit
Hyperlink: https://www.exploit-db.com/exploits/49456
Resource:
third-party-advisory
exploit
Hyperlink: https://www.selea.com
Resource:
product
Hyperlink: https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:20 Jun, 2025 | 19:15
Updated At:20 Nov, 2025 | 22:15

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The /common/get_file.php script in the “Download Archive in Storage” page fails to properly validate user-supplied input to the file parameter. Unauthenticated remote attackers can exploit this vulnerability to read arbitrary files on the device, including sensitive system files containing cleartext credentials, potentially leading to authentication bypass and exposure of system information. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-02 UTC.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-22Secondarydisclosure@vulncheck.com
CWE ID: CWE-22
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cxsecurity.com/issue/WLB-2021010165disclosure@vulncheck.com
N/A
https://packetstorm.news/files/id/161057disclosure@vulncheck.com
N/A
https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversaldisclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/49456disclosure@vulncheck.com
N/A
https://www.selea.comdisclosure@vulncheck.com
N/A
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.phpdisclosure@vulncheck.com
N/A
Hyperlink: https://cxsecurity.com/issue/WLB-2021010165
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://packetstorm.news/files/id/161057
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://vulncheck.com/advisories/selea-targa-ip-camera-path-traversal
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/49456
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.selea.com
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5616.php
Source: disclosure@vulncheck.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2Records found
CVE-2024-8752
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-9.3||CRITICAL
EPSS-90.34% / 99.59%
||
7 Day CHG~0.00%
Published-16 Sep, 2024 | 15:42
Updated-20 Sep, 2024 | 22:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WebIQ 2.15.9 Runtime on Windows - Directory Traversal Vulnerability

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.

Action-Not Available
Vendor-smart-hmiSmart HMIbeijerelectronicsMicrosoft Corporation
Product-webiqwindowsWebIQwebiq
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2026-23491
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-Not Assigned
Published-18 Feb, 2026 | 19:52
Updated-18 Feb, 2026 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
InvoicePlane has Unauthenticated Path Traversal in Guest Controller

InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. A path traversal vulnerability exists in the `get_file` method of the `Guest` module's `Get` controller in InvoicePlane up to and including through 1.6.3. The vulnerability allows unauthenticated attackers to read arbitrary files on the server by manipulating the input filename. This leads to the disclosure of sensitive information, including configuration files with database credentials. Version 1.6.4 fixes the issue.

Action-Not Available
Vendor-InvoicePlane
Product-InvoicePlane
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Details not found