CVE-2020-36904

Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NOLISTEXEPATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration,...

CVE-2020-36903

Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root...

CVE-2020-36903 Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path

Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root...

CVE-2020-36903 Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path

Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root...

Selea CarPlateServer 代码问题漏洞

Selea CarPlateServer is a license plate recognition software from the Italian company Selea. A code issue vulnerability exists in Selea CarPlateServer version 4.0.1.6, which stems from the presence of unquoted service paths in the Windows service configuration, which could lead to code execution...

PT-2025-54417

Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root...

PT-2025-54418

Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO LIST EXE PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration,...

Selea CarPlateServer 4.0.1.6 Local Privilege Escalation

Selea CarPlateServer CPS v4.0.1.6 Local Privilege Escalation Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...

Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...

Selea CarPlateServer (CPS) v4.0.1.6 Local Privilege Escalation

Summary Our CPS Car Plate Server software is an advanced solution that can be installed on computers and servers and used as an operations centre. It can create sophisticated traffic control and road safety systems connecting to stationary, mobile or vehicle-installed ANPR systems. CPS allows to...