May 12, 2025
Four new software fingerprints and two Rapid Response bulletins.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities.
- Critical RCE Vulnerability Identified in Craft CMS (CVE-2025-32432)
- Use the following queries to find instances of Craft CMS. Not all of these are necessarily vulnerable, as specific version information may not be available.
- Unauthenticated Code Injection Vulnerability in Langflow (CVE-2025-3248)
- Use the following queries to find exposed Langflow servers. Not all of these are necessarily vulnerable, as specific version information may not be available.
New fingerprints
Added the following fingerprints.
Type | Name | Description | Query |
|---|---|---|---|
risk | Vulnerable SonicWall Gen7 Firewall [CVE-2024-53704] | SonicWall Gen7 Firewalls are vulnerable to an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication. This vulnerability affects SonicWall gen7 firewalls (models TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700, NSa 3700,NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, NSsp 13700, NSsp 15700) versions 7.1.x (7.1.1-7058 and older versions of 7.1.x only), and version 7.1.2-7019. Additionally, SonicWall Gen7 NSv (models 270, 470, and 870) versions 7.1.x (7.1.1-7058 and older versions of 7.1.x only), and version 7.1.2-7019 are affected, and the SonicWall TZ80 model (version 8.0.0-8035) is also affected. | ASM query:
|
software | OpenCTI | This is an OpenCTI Cyber Threat Intelligence Platform. | |
software | SonicWall SonicOSX | This is a SonicWall SonicOSX operating system. | |
software | SonicWall SonicOS | This is a SonicWall SonicOS operating system. | |
software | Langflow | Langflow is a low-code tool for building and deploying AI-powered agents and workflows. |