Search criteria
4 vulnerabilities found for Selea CarPlateServer (CPS) by Selea
CVE-2020-36903 (GCVE-0-2020-36903)
Vulnerability from nvd – Published: 2025-12-31 18:39 – Updated: 2025-12-31 18:39
VLAI?
Title
Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path
Summary
Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during application startup or reboot.
Severity ?
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Selea | Selea CarPlateServer (CPS) |
Affected:
4.0.1.6
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"cna": {
"affected": [
{
"product": "Selea CarPlateServer (CPS)",
"vendor": "Selea",
"versions": [
{
"status": "affected",
"version": "4.0.1.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-11-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service\u0027s unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during application startup or reboot."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T18:39:08.084Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49453",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49453"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.selea.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2021-5621)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5621.php"
},
{
"name": "VulnCheck Advisory: Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/selea-carplateserver-local-privilege-escalation-via-unquoted-service-path"
}
],
"title": "Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36903",
"datePublished": "2025-12-31T18:39:08.084Z",
"dateReserved": "2025-12-23T13:21:10.768Z",
"dateUpdated": "2025-12-31T18:39:08.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36904 (GCVE-0-2020-36904)
Vulnerability from nvd – Published: 2025-12-31 18:39 – Updated: 2025-12-31 18:39
VLAI?
Title
Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint
Summary
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands.
Severity ?
7.5 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Selea | Selea CarPlateServer (CPS) |
Affected:
4.0.1.6
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"cna": {
"affected": [
{
"product": "Selea CarPlateServer (CPS)",
"vendor": "Selea",
"versions": [
{
"status": "affected",
"version": "4.0.1.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-11-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T18:39:08.542Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49452",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49452"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.selea.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2021-5622)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5622.php"
},
{
"name": "VulnCheck Advisory: Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/selea-carplateserver-remote-program-execution-via-configuration-endpoint"
}
],
"title": "Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36904",
"datePublished": "2025-12-31T18:39:08.542Z",
"dateReserved": "2025-12-23T13:21:10.769Z",
"dateUpdated": "2025-12-31T18:39:08.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36903 (GCVE-0-2020-36903)
Vulnerability from cvelistv5 – Published: 2025-12-31 18:39 – Updated: 2025-12-31 18:39
VLAI?
Title
Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path
Summary
Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during application startup or reboot.
Severity ?
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Selea | Selea CarPlateServer (CPS) |
Affected:
4.0.1.6
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"cna": {
"affected": [
{
"product": "Selea CarPlateServer (CPS)",
"vendor": "Selea",
"versions": [
{
"status": "affected",
"version": "4.0.1.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-11-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service\u0027s unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during application startup or reboot."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T18:39:08.084Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49453",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49453"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.selea.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2021-5621)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5621.php"
},
{
"name": "VulnCheck Advisory: Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/selea-carplateserver-local-privilege-escalation-via-unquoted-service-path"
}
],
"title": "Selea CarPlateServer 4.0.1.6 Local Privilege Escalation via Unquoted Service Path",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36903",
"datePublished": "2025-12-31T18:39:08.084Z",
"dateReserved": "2025-12-23T13:21:10.768Z",
"dateUpdated": "2025-12-31T18:39:08.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36904 (GCVE-0-2020-36904)
Vulnerability from cvelistv5 – Published: 2025-12-31 18:39 – Updated: 2025-12-31 18:39
VLAI?
Title
Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint
Summary
Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands.
Severity ?
7.5 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Selea | Selea CarPlateServer (CPS) |
Affected:
4.0.1.6
|
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab
{
"containers": {
"cna": {
"affected": [
{
"product": "Selea CarPlateServer (CPS)",
"vendor": "Selea",
"versions": [
{
"status": "affected",
"version": "4.0.1.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"datePublic": "2020-11-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attackers to execute arbitrary Windows binaries by manipulating the NO_LIST_EXE_PATH configuration parameter. Attackers can bypass authentication through the /cps/ endpoint and modify server configuration, including changing admin passwords and executing system commands."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T18:39:08.542Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-49452",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/49452"
},
{
"name": "Vendor Homepage",
"tags": [
"product"
],
"url": "https://www.selea.com"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2021-5622)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5622.php"
},
{
"name": "VulnCheck Advisory: Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/selea-carplateserver-remote-program-execution-via-configuration-endpoint"
}
],
"title": "Selea CarPlateServer 4.0.1.6 Remote Program Execution via Configuration Endpoint",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2020-36904",
"datePublished": "2025-12-31T18:39:08.542Z",
"dateReserved": "2025-12-23T13:21:10.769Z",
"dateUpdated": "2025-12-31T18:39:08.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}