June 16, 2025

Four new fingerprints and two Rapid Response bulletins.

Rapid Response

The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.

New fingerprints

Added the following fingerprints.

Type

Name

Description

Query

software

Synology VPN Plus Server

This is a Synology VPN Plus Server.

Platform query

software

3CX Web Client

The 3CX Web Client is a browser-based application that provides users with tools for communication and collaboration, including call management, video conferencing, live chat, and integration with messaging platforms such as WhatsApp, Facebook, and SMS/MMS.

Platform query

risk

Vulnerable Wazuh [CVE-2025-24016]

An unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent.

ASM query:

risks.name: `Vulnerable Wazuh [CVE-2025-24016]`

risk

Vulnerable Roundcube [CVE-2025-49113]

This is a Roundcube server running a version of Roundcube that is vulnerable to CVE-2025-49113. Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.

ASM query:

risks.name: `Vulnerable Roundcube [CVE-2025-49113]`