Platform lookup API endpoints for Free users and three new fingerprints.
Platform
API
-
Platform lookup API endpoints may now be used by Free users.
- Lookup endpoints cost 1 credit per asset retrieved, which is the same cost to look up assets in the Platform web UI.
- Free users can create Personal Access Tokens in the Platform web UI to execute API calls.
- The lookup endpoints no longer require an organization ID to be executed.
- If you have access to a Starter or Enterprise organization ID and do not include it in your lookup API call, then the cost is deducted from your Free credit balance. Additionally, the endpoint will only return data that is available to Free users.
-
Free users have access to the following API endpoints:
- Get a certificate (and get a certificate in PEM format)
- Retrieve multiple certificates (and retrieve multiple certificates in PEM format)
- Get a host
- Retrieve multiple hosts
- Get a web property
- Retrieve multiple web properties
New fingerprints
Added the following fingerprints.
| Type | Name | Description | Query |
|---|---|---|---|
| risk | GoAnywhere MFT Deserialization Vulnerability [CVE-2025-10035] | This service is running a version of GoAnywhere Managed File Transfer software vulnerable to a deserialization vulnerability that could lead to remote code execution. | ASM risk query: risks.name: `GoAnywhere MFT Deserialization Vulnerability [CVE-2025-10035]` |
| risk | Exposed atvremote Device | This device is running atvremote, a tool used to control TV devices over the network. It communicates with services such as AirPlay, Media Remote Protocol (MRP), and Companion API, which are designed for local network use only and should not be exposed to the public internet. If left accessible, attackers could gain unauthorized control of the TV or compromise the device as part of a botnet. | ASM risk query: risks.name: `Exposed atvremote Device` |
| software | atvremote | This is an atvremote server. | Platform query |
