September 22, 2025

Summary

Platform

API

New fingerprints

Added the following fingerprints.

TypeNameDescriptionQuery
riskGoAnywhere MFT Deserialization Vulnerability [CVE-2025-10035]This service is running a version of GoAnywhere Managed File Transfer software vulnerable to a deserialization vulnerability that could lead to remote code execution.ASM risk query:
risks.name: `GoAnywhere MFT Deserialization Vulnerability [CVE-2025-10035]`
riskExposed atvremote DeviceThis device is running atvremote, a tool used to control TV devices over the network. It communicates with services such as AirPlay, Media Remote Protocol (MRP), and Companion API, which are designed for local network use only and should not be exposed to the public internet. If left accessible, attackers could gain unauthorized control of the TV or compromise the device as part of a botnet.ASM risk query:
risks.name: `Exposed atvremote Device`
softwareatvremoteThis is an atvremote server.Platform query