The following enhancements and improvements are now available to Censys ASM and Search customers.
Rapid Response
The Censys Rapid Response team published information about and queries for the following issues and vulnerabilities:
- 14 Bugs in DrayTek Vigor Routers Disclosed: Admin Interfaces Widely Exposed Across Major ISPs [CVE-2024-41592]
- Censys Search query: services: (http.response.status_code=200 and http.request.uri:"/weblogin.htm" and (http.response.html_title:"Vigor" or http.response.favicons.md5_hash="208b1c5af9e2cc7d46e3ec5bf4d12001"))=
- Censys ASM query: host.services: (http.response.status_code=200 and http.request.uri:"/weblogin.htm" and (http.response.html_title:"Vigor" or http.response.favicons.md5_hash="208b1c5af9e2cc7d46e3ec5bf4d12001")) or web_entity.instances: (http.response.status_code=200 and http.request.uri:"/weblogin.htm" and (http.response.html_title:"Vigor" or http.response.favicons.md5_hash="208b1c5af9e2cc7d46e3ec5bf4d12001"))
- Censys ASM risk query: risks.name="Exposed DrayTek Vigor Router"
New Protocols
Added support for the following protocols:
New Fingerprints
Added or updated the following fingerprints:
| Type | Name | Description | Query |
| software | DrayTek VigorConnect Admin Page | This is a DrayTek VigorConnect admin page. | |
| software | DrayTek Vigor Router | This is a DrayTek Vigor Router. | |
| risk | Exposed DrayTek Vigor Router | The affected service exposes a DrayTek Vigor router administration interface. This web application can be used to modify router configurations, which makes it a target. |