CVE-2025-34021 – Selea Targa SSRF

June 20, 2025

CVE ID : CVE-2025-34021

Published : June 20, 2025, 7:15 p.m. | 3 hours, 14 minutes ago

Description : A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON POST parameters such as ipnotify_address and url, which are used by internal mechanisms to perform image fetch and DNS lookups. This allows remote unauthenticated attackers to induce the system to make arbitrary HTTP requests to internal or external systems, potentially bypassing firewall policies or conducting internal service enumeration.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-34022 – Selea Targa IP OCR-ANPR Path Traversal Vulnerability

Next Article CVE-2025-25038 – MiniDVBLinux OS Command Injection Vulnerability

Highlights

CVE-2025-30420 – NI Circuit Design Suite Bitmap Out-of-Bounds Read Memory Corruption Vulnerability

May 15, 2025

CVE ID : CVE-2025-30420

Published : May 15, 2025, 5:15 p.m. | 2 hours, 45 minutes ago

Description : There is a memory corruption vulnerability due to an out of bounds read in Bitmap::InternalDraw() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

15 Essential Skills to Look for When Hiring Node.js Developers for Enterprise Projects (2025-2026)

African training program creates developers with cloud-native skills

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

LastPass can now warn or block logins to shadow SaaS apps – here’s how

Get up to a year of Adobe Creative Cloud access for 40% off

Got 6 hours? This free AI training from Google and Goodwill can boost your resume today

Why I recommend this budget phone with a paper-like screen over ‘minimalist’ devices

Laravel Boost, your AI coding starter kit

Laravel Boost, your AI coding starter kit

Using GitHub Copilot in VS Code

Optimizely Mission Control – Part I

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Microsoft’s record stock run collides with Nadella’s admission that 15,000 layoffs still ‘hurt’

Microsoft and Adobe Power Up Fantasy Premier League Fans with AI – Here’s How

CVE-2025-34021 – Selea Targa SSRF

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

The Wild West of Shadow IT

CVE-2025-4316 – “Devolutions Server PAM Unauthorized Self-Approval”

Stacked Transforms

Subatomic Update: Publishing & Adopting Design Token Systems!

CVE-2025-5112 – FreeFloat FTP Server Buffer Overflow Vulnerability

CVE-2025-30420 – NI Circuit Design Suite Bitmap Out-of-Bounds Read Memory Corruption Vulnerability

CVE-2025-53493 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

10 personal safety features every Pixel user should know about – and use

OpenAI Launches gpt-image-1 API: Bringing High-Quality Image Generation to Developers

CVE-2025-34021 – Selea Targa SSRF

Related Posts