April 7, 2025
This release includes two new Rapid Response risks for ASM and a new software fingerprint for all datasets.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.
- Unauthenticated Auth Bypass Vulnerability in CrushFTP CVE-2025-31161
  - Use the following queries to find CrushFTP services. Not all of these are necessarily vulnerable, as specific version information may not be available.
    - Platform query
    - Legacy Search query
    - ASM query
    - ASM risk query
      - This query can be used to identify exposed instances of CrushFTP that are vulnerable to the exploit.
- Unauthenticated RCE Vulnerability in Ivanti Connect & Policy Secure and ZTA Gateway CVE-2025-22457
  - Use the following queries to find Ivanti Connect Secure services. Not all of these are necessarily vulnerable, as specific version information may not be available.
    - Platform query
    - Legacy Search query
    - ASM query
    - ASM risk query
      - This query can be used to identify exposed instances of Ivanti Connect Secure that are vulnerable to the exploit.
New fingerprints
Type | Name | Description | Query |
---|---|---|---|
risk | Vulnerable CrushFTP [CVE-2025-2825, CVE-2025-31161] | CrushFTP contains an unauthenticated authentication bypass vulnerability. This affects CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. There are two CVE-IDs because the original CVE-2025-2825 was assigned by VulnCheck, but the vendor has identified the CVE-ID as CVE-2025-31161. | |
risk | Vulnerable Ivanti Connect Secure Application [CVE-2025-22457] | This Ivanti Connect Secure (before 22.7R2.6) application is vulnerable to CVE-2025-22457. This vulnerability allows an unauthenticated attacker to achieve remote code execution. | |
software | Medsynapse PACS | Medsynapse PACS is a web-based picture archiving and communication system (PACS) for transfer of medical images within and outside hospitals. | |