April 20, 2026

Summary

Use the Censys Assistant in ASM to input questions in a natural language and obtain answers based on the assets present in your attack surface inventory.
Added new fingerprints for Nginx UI, Oracle WebLogic Server Administration Console, and Pi-Hole.
Added two new ASM risk fingerprints for exposed Nginx UI applications and exposed Oracle WebLogic Server administration consoles.

ASM

Use the Censys Assistant in ASM to input questions in a natural language and obtain answers based on the assets present in your attack surface inventory.
- Prompt the assistant with input like:
  - Whether any of your assets are vulnerable to a specific CVE.
  - Aggregate and analyze the cloud providers are present in your inventory.
  - Find services running on nonstandard ports.
- To use the Censys Assistant in ASM, your organization must be migrated to the Platform for team management. Contact your Censys representative to learn more about migrating.

New fingerprints and risks

Added the following fingerprints and risks.

Note that new ASM risk fingerprints may be disabled by default in your workspace. Reference your risk type configuration in the ASM web console to review new risk types.

New fingerprints

Name	Description	Query
Nginx UI	Nginx UI (nginx-ui) is a browser-based control panel for managing nginx configuration and runtime.	Platform query
Oracle WebLogic Server Administration Console	This is the Oracle WebLogic Server Administration Console web interface.	Platform query
Pi-hole	Pi-hole is a Linux network-level advertisement and internet tracker blocking application which acts as a DNS sinkhole and optionally a DHCP server.	Platform query

New ASM risks

Name	Description	Query
Exposed Nginx UI Application	This service exposes Nginx UI, a web admin panel for nginx that can reveal configuration and permit changes if access controls are weak.	ASM risk query: `risks.name: "Exposed Nginx UI Application"`
Exposed Oracle WebLogic Server Administration Console	The Oracle WebLogic Server Administration Console is reachable over HTTP. This management UI controls the application server and related resources. Exposing it to the Internet increases unauthorized access and attack risk.	ASM risk query: `risks.name: "Exposed Oracle WebLogic Server Administration Console"`

Name

Description

Query

Exposed Nginx UI Application

This service exposes Nginx UI, a web admin panel for nginx that can reveal configuration and permit changes if access controls are weak.

ASM risk query:

risks.name: "Exposed Nginx UI Application"

Exposed Oracle WebLogic Server Administration Console

The Oracle WebLogic Server Administration Console is reachable over HTTP. This management UI controls the application server and related resources. Exposing it to the Internet increases unauthorized access and attack risk.

ASM risk query:

risks.name: "Exposed Oracle WebLogic Server Administration Console"