Selea Targa IP OCR-ANPR Camera Cross-Site Request Forgery Vulnerability Allowing Unauthorized Admin User Creation

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in the Selea Targa IP OCR-ANPR Camera. This vulnerability allows attackers to create administrative users without authenticating to the camera themselves: the forged request is carried out in the session of a user who is already logged in. An attacker can exploit the issue by crafting a malicious web page that submits a form to add a new admin user with full system privileges; the form is submitted when a logged-in user visits the page. The vulnerability affects multiple camera models, including Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. Several firmware versions are also affected.

Impact

Exploitation of this vulnerability allows for the creation of admin users, who gain full system privileges on the camera.

Reproduction

To reproduce this vulnerability, a logged-in user must be tricked into visiting a malicious web page that exploits the CSRF vulnerability. The page is crafted to send a POST request to 'save_params.php' with the form data needed to create a new admin user. The page can be delivered, for example, through a phishing email or a compromised website.
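A defender can look for the forged request described above in web access logs. The following is an added example, not code from the advisory or the vendor: it assumes the camera is reached through a reverse proxy that writes Apache/nginx "combined" logs, and the host names, addresses and log lines are constructed.

```python
import re
from urllib.parse import urlsplit

# Assumption: origins under which operators legitimately open the camera UI.
CAMERA_HOSTS = {"camera.example.internal", "192.0.2.10"}

# Apache/nginx "combined" access-log format (assumed to come from a proxy).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} \S+ '
    r'"(?P<referer>[^"]*)" "[^"]*"$'
)

def classify(line):
    """Return None for irrelevant lines, else (verdict, client, referer)."""
    m = LOG_RE.match(line)
    if not m or m["method"] != "POST":
        return None
    if not urlsplit(m["path"]).path.endswith("/save_params.php"):
        return None
    referer = m["referer"]
    if referer in ("", "-"):
        # Referrer policies can strip the header, so this is lower confidence.
        return ("missing-referer", m["client"], referer)
    try:
        host = urlsplit(referer).hostname
    except ValueError:  # malformed Referer, treat as foreign
        host = None
    verdict = "same-origin" if host in CAMERA_HOSTS else "cross-origin"
    return (verdict, m["client"], referer)

def suspicious(lines):
    """POSTs to save_params.php that did not originate from the camera UI."""
    results = (classify(line) for line in lines)
    return [r for r in results if r and r[0] != "same-origin"]

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [09/Dec/2025:21:40:01 +0000] "POST /save_params.php HTTP/1.1" 200 312 "http://192.0.2.10/" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Dec/2025:21:41:13 +0000] "POST /save_params.php HTTP/1.1" 200 312 "https://unrelated.example/page.html" "Mozilla/5.0"',
    '198.51.100.9 - - [09/Dec/2025:21:42:30 +0000] "POST /save_params.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [09/Dec/2025:21:43:02 +0000] "GET / HTTP/1.1" 200 2048 "http://192.0.2.10/" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for verdict, client, referer in suspicious(SAMPLE):
        print(f"{verdict}: client={client} referer={referer}")
```

The access log does not contain the POST body, so every settings change sent to save_params.php is flagged, not only user creation; treat a hit as a prompt to review the camera's user list.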

Added: Dec 9, 2025, 9:48 PM
Updated: Dec 9, 2025, 9:48 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 7.7
remediation: 0.0
relevance: 1.4
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.