recog 2.3.7 → 2.3.8

data/xml/http_cookies.xml

@@ -109,7 +109,8 @@
     <param pos="0" name="service.product" value="HTTP"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Adaptive Security Appliance"/>
-    <param pos="0" name="os.product" value="VPN"/>
+    <param pos="0" name="os.product" value="Adaptive Security Appliance"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:-"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
     <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
@@ -130,6 +131,11 @@
     <param pos="0" name="os.family" value="NetScaler"/>
     <param pos="0" name="os.device" value="Network Management Device"/>
     <param pos="0" name="os.product" value="NetScaler"/>
+    <param pos="0" name="service.vendor" value="Citrix"/>
+    <param pos="0" name="service.family" value="NetScaler"/>
+    <param pos="0" name="service.device" value="Network Management Device"/>
+    <param pos="0" name="service.product" value="NetScaler"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:citrix:netscaler:-"/>
   </fingerprint>
   <fingerprint pattern="^DSSignInURL=/">
     <description>Pulse Secure VPN</description>
@@ -375,6 +381,12 @@
     <param pos="0" name="service.component.product" value="Moodle"/>
     <param pos="0" name="service.component.cpe23" value="cpe:/a:moodle:moodle:-"/>
   </fingerprint>
+  <fingerprint pattern="_arachni_webui_session=">
+    <description>Arachni Security Scanner</description>
+    <example>_arachni_webui_session=el2MMEVVcld3Q2dBc3UvSmtQYmlPckpxSE2CMmlwd1Nja2lvUk5tRG5XYTlnRHJuVVVTblVNMTBOdGhrUU02dzC0K1I0Mnk3d1I3SUlCcngwQkliV3Y5VDBnVVZkOWJsS0VGSlYwM1RGMlVzVDNKcXlrdFNQZ0lIM1VBN3RDZFIrZTBrdjZmdSt0YnV2djh1RFE0S1czUmZQcGxNNW9UWVQydXFCZmNHZDRmTlg4cWludE5SUDRYU2JwdWw4Qmk3dEpDV3ZBejRkbU9ueFJKNG1HenplUEJjem9LU09IM0Z6ZHM4YU00aVpKUHJRVzR3SG8rRzBjWG9jclpqZGd2dmp2TnVGbjkvb0lmanZvM3lPZGhXb3c9PS0tR0dXVWppWnorMG1NNjlXTkYvaEswUT09--44b846e66f558667d7503010a726e2388803136f; path=/; HttpOnly</example>
+    <param pos="0" name="service.vendor" value="Arachni"/>
+    <param pos="0" name="service.product" value="Arachni"/>
+  </fingerprint>
   <!--
         Ignore various cookies that are very generic cookies for session IDs
         that are not necessarily indicative of any particular

data/xml/http_servers.xml

@@ -235,7 +235,6 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:10.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
   <fingerprint pattern="^Microsoft-IIS/([\d\.]+)$">
     <description>Microsoft IIS new, unknown Windows version</description>
@@ -700,6 +699,7 @@
     <param pos="0" name="service.vendor" value="OpenResty"/>
     <param pos="0" name="service.product" value="OpenResty"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:openresty:openresty:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^gunicorn\/([\d.]+)+$">
     <description>Gunicorn Gunicorn</description>
@@ -707,6 +707,7 @@
     <param pos="0" name="service.vendor" value="Gunicorn"/>
     <param pos="0" name="service.product" value="Gunicorn"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:gunicorn:gunicorn:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^Serv-U\/([\d.]+)$">
     <description>Serv-U HTTP interface</description>
@@ -920,6 +921,7 @@
     <param pos="0" name="os.family" value="OS/400"/>
     <param pos="0" name="os.product" value="OS/400"/>
     <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:{os.version}"/>
   </fingerprint>
   <fingerprint pattern="^(?:IBM_HTTP_Server|IBM_HTTP_SERVER)/([\w.-]+)\s+Apache/([12][\d.]+)\s*(.*)$">
     <description>IBM HTTP Server</description>
@@ -1238,6 +1240,7 @@
     <param pos="0" name="service.product" value="WebSphere"/>
     <param pos="0" name="service.family" value="WebSphere"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:ibm:websphere:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^Resin/(\S+)$">
     <description>Caucho Resin</description>
@@ -1453,6 +1456,13 @@
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
   </fingerprint>
+  <fingerprint pattern="^TargetWeb/[\d\.]+ \(TargetOS\)$">
+    <description>Mercurity Security TargetOS</description>
+    <example>TargetWeb/2011.0 (TargetOS)</example>
+    <param pos="0" name="hw.vendor" value="Mercury Security"/>
+    <param pos="0" name="hw.device" value="Access Controller"/>
+    <param pos="0" name="hw.product" value="EP-series"/>
+  </fingerprint>
   <fingerprint pattern="^Foundry Networks(?:/(\d+\.\d+))?$">
     <description>Foundry Networks device (though not sure which)</description>
     <param pos="0" name="service.vendor" value="Foundry"/>
@@ -1585,7 +1595,8 @@
     <param pos="0" name="service.product" value="HTTP"/>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.family" value="Adaptive Security Appliance"/>
-    <param pos="0" name="os.product" value="VPN"/>
+    <param pos="0" name="os.product" value="Adaptive Security Appliance"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:adaptive_security_appliance:-"/>
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.family" value="Adaptive Security Appliance"/>
     <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
@@ -1622,7 +1633,6 @@
     <param pos="0" name="service.vendor" value="LANDesk"/>
     <param pos="0" name="service.product" value="Management Agent"/>
     <param pos="0" name="service.family" value="Management Agent"/>
-    <param pos="0" name="service.cpe23" value="cpe:/a:landesk:management_agent:-"/>
   </fingerprint>
   <fingerprint pattern="^EWS-NIC\d/(\S+)$">
     <description>Xerox Embedded Web Server (EWS)</description>
@@ -1681,7 +1691,12 @@
     <param pos="0" name="os.family" value="NetScaler"/>
     <param pos="0" name="os.device" value="Network Management Device"/>
     <param pos="0" name="os.product" value="NetScaler"/>
-    <param pos="1" name="os.version"/>
+    <param pos="0" name="service.vendor" value="Citrix"/>
+    <param pos="0" name="service.family" value="NetScaler"/>
+    <param pos="0" name="service.device" value="Network Management Device"/>
+    <param pos="0" name="service.product" value="NetScaler"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:citrix:netscaler:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^Rumpus$">
     <description>Rumpus FTP Server, Web File Manager interface</description>
@@ -1742,7 +1757,7 @@
   <fingerprint pattern="^kHTTPd (\S+)" certainty="0.50">
     <description>TUX web server, an in-kernel Linux HTTP Accelerator</description>
     <example>kHTTPd 0.1.6</example>
-    <param pos="0" name="service.product" value="TUX web server"/>
+    <param pos="0" name="service.product" value="TUX Web Server"/>
     <param pos="1" name="service.version"/>
     <param pos="0" name="os.vendor" value="Linux"/>
     <param pos="0" name="os.family" value="Linux"/>
@@ -1756,6 +1771,15 @@
     <param pos="0" name="service.product" value="RealVNC"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:realvnc:realvnc:-"/>
   </fingerprint>
+  <fingerprint pattern="^SecureTransport (\d+[\d\.]+) \(build: (\d+)\)$">
+    <description>AxWay SecureTransport</description>
+    <example>SecureTransport 5.3.6 (build: 412)</example>
+    <param pos="0" name="service.vendor" value="Axway"/>
+    <param pos="0" name="service.product" value="SecureTransport"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:axway:securetransport:{service.version}"/>
+    <param pos="2" name="securetransport.build"/>
+  </fingerprint>
   <fingerprint pattern="(Agranat|Conexant|(?:Globespan)?Virata)-EmWeb/(.*)$">
     <description>EmWeb variants</description>
     <example>Agranat-EmWeb/R4_01</example>
@@ -1911,6 +1935,17 @@
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.cpe23" value="cpe:/a:hp:web_jetadmin:{service.version}"/>
   </fingerprint>
+  <fingerprint pattern="^KM-MFP-http/V([\d\.]+)$">
+    <description>Kyocera Printers</description>
+    <example service.version="0.0.1">KM-MFP-http/V0.0.1</example>
+    <param pos="0" name="os.vendor" value="Kycoera"/>
+    <param pos="0" name="os.device" value="Multifunction Device"/>
+    <param pos="0" name="hw.vendor" value="Kycoera"/>
+    <param pos="0" name="hw.device" value="Multifunction Device"/>
+    <param pos="0" name="service.vendor" value="Kyocera"/>
+    <param pos="0" name="service.product" value="KM-MFP-HTTP"/>
+    <param pos="1" name="service.version"/>
+  </fingerprint>
   <fingerprint pattern="^Citrix Web PN Server$">
     <description>Citrix Web PN (Program Neighborhood) Server is an HTTP server used by Citrix products</description>
     <example>Citrix Web PN Server</example>
@@ -1978,6 +2013,7 @@
     <param pos="0" name="service.product" value="Aura Communication Manager"/>
     <param pos="0" name="service.family" value="Aura"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:avaya:aura_communication_manager:{service.version}"/>
   </fingerprint>
   <fingerprint pattern="^Rapid Logic/((?:\d+\.)*\d+)$">
     <description>Embedded web server by Rapid Logic, which was acquired by Wind River.</description>
@@ -2930,6 +2966,35 @@
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.device" value="WAP"/>
   </fingerprint>
+  <fingerprint pattern="^Linux/(\S+\-ami), UPnP/[\d\.]+, Portable SDK for UPnP devices/(\S+)$">
+    <description>AMI MegaRAC LOM UPnP</description>
+    <example>Linux/3.14.17-ami, UPnP/1.0, Portable SDK for UPnP devices/1.6.20</example>
+    <param pos="0" name="hw.device" value="Lights Out Management"/>
+    <param pos="0" name="hw.vendor" value="AMI"/>
+    <param pos="0" name="hw.family" value="MegaRAC"/>
+    <param pos="0" name="hw.product" value="MegaRAC"/>
+    <param pos="0" name="os.device" value="Lights Out Management"/>
+    <param pos="0" name="os.vendor" value="AMI"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="service.product" value="libupnp"/>
+    <param pos="2" name="service.version"/>
+  </fingerprint>
+  <fingerprint pattern="^Linux/(\S+\-axis[^,]+), UPnP/[\d\.]+, Portable SDK for UPnP devices/(\S+)$">
+    <description>Axis Network Camera</description>
+    <example>Linux/4.9.94-axis5, UPnP/1.0, Portable SDK for UPnP devices/1.6.22</example>
+    <param pos="0" name="hw.vendor" value="AXIS"/>
+    <param pos="0" name="hw.device" value="Web cam"/>
+    <param pos="0" name="os.vendor" value="AXIS"/>
+    <param pos="0" name="os.device" value="Web cam"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="Linux"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
+    <param pos="0" name="service.product" value="libupnp"/>
+    <param pos="2" name="service.version"/>
+  </fingerprint>
   <fingerprint pattern="^Linux/(\S+), UPnP/[\d\.]+, Portable SDK for UPnP devices/(\S+)$">
     <description>Portable SDK for UPnP Server - Linux</description>
     <example>Linux/2.4.20-46.7asp, UPnP/1.0, Portable SDK for UPnP devices/1.6.17</example>
@@ -3020,6 +3085,14 @@
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="1" name="hw.version"/>
   </fingerprint>
+  <fingerprint pattern="^Roku/(\S+) UPnP/\S+ Roku/\S+$">
+    <description>Roku with double versions</description>
+    <example hw.version="9.2.0">Roku/9.2.0 UPnP/1.0 Roku/9.2.0</example>
+    <param pos="0" name="hw.vendor" value="Roku"/>
+    <param pos="0" name="hw.product" value="Roku"/>
+    <param pos="0" name="hw.device" value="Media Server"/>
+    <param pos="1" name="hw.version"/>
+  </fingerprint>
   <fingerprint pattern="^Roku UPnP/\S+ MiniUPnPd/\S+$">
     <description>Roku without a version</description>
     <example>Roku UPnP/1.0 MiniUPnPd/1.4</example>
@@ -3063,6 +3136,71 @@
     <param pos="0" name="service.vendor" value="NetData"/>
     <param pos="0" name="service.product" value="NetData"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:netdata:netdata:{service.version}"/>
+  </fingerprint>
+  <fingerprint pattern="^Solstice 2\.0+$">
+    <description>SolsticePod</description>
+    <example>Solstice 2.0</example>
+    <param pos="0" name="hw.vendor" value="Mersive"/>
+    <param pos="0" name="hw.device" value="Wireless Presenter"/>
+    <param pos="0" name="hw.product" value="SolsticePod"/>
+  </fingerprint>
+  <fingerprint pattern="^MLC ([^\/]+)/([\d\.]+)$">
+    <description>Extron MediaLink Controller HTTP Server</description>
+    <example extron.model="104 IP PLUS" hw.version="1.03">MLC 104 IP PLUS/1.03</example>
+    <param pos="0" name="hw.vendor" value="Extron"/>
+    <param pos="0" name="hw.device" value="Display Controller"/>
+    <param pos="0" name="hw.product" value="{extron.model} MediaLink Controller"/>
+    <param pos="0" name="os.vendor" value="Extron"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="1" name="extron.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="^Jetty \(Bluecat Networks\)$">
+    <description>BlueCat Appliance</description>
+    <example>Jetty (Bluecat Networks)</example>
+    <param pos="0" name="hw.vendor" value="BlueCat"/>
+    <param pos="0" name="hw.device" value="Network Appliance"/>
+  </fingerprint>
+  <fingerprint pattern="^Crestron Webserver$">
+    <description>Crestron Video Conferencing</description>
+    <example>Crestron Webserver</example>
+    <param pos="0" name="hw.vendor" value="Crestron"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="0" name="os.vendor" value="Crestron"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.device" value="Video Conferencing"/>
   </fingerprint>
-
-</fingerprints>
+  <fingerprint pattern="^OPNsense$">
+    <description>OPNsense Firewall</description>
+    <example>OPNsense</example>
+    <param pos="0" name="hw.vendor" value="OPNsense"/>
+    <param pos="0" name="hw.device" value="Firewall"/>
+    <param pos="0" name="hw.product" value="Firewall"/>
+    <param pos="0" name="os.vendor" value="OPNsense"/>
+    <param pos="0" name="os.product" value="FreeBSD"/>
+  </fingerprint>
+  <fingerprint pattern="^ELAN Controller$">
+    <description>ELAN Smart Home Controller</description>
+    <example>ELAN Controller</example>
+    <param pos="0" name="hw.vendor" value="ELAN"/>
+    <param pos="0" name="hw.device" value="Building Automation"/>
+    <param pos="0" name="hw.product" value="Home Controller"/>
+    <param pos="0" name="os.vendor" value="ELAN"/>
+    <param pos="0" name="os.family" value="Linux"/>
+  </fingerprint>
+  <fingerprint pattern="^STR_SettingServer$">
+    <description>Sony STR AV Receiver</description>
+    <example>STR_SettingServer</example>
+    <param pos="0" name="hw.vendor" value="Sony"/>
+    <param pos="0" name="hw.device" value="Media Server"/>
+    <param pos="0" name="hw.product" value="AV Receiver"/>
+  </fingerprint>
+  <fingerprint pattern="^MWS 0.01$">
+    <description>ANNKE IP Camera</description>
+    <example>MWS 0.01</example>
+    <param pos="0" name="hw.vendor" value="ANNKE"/>
+    <param pos="0" name="hw.device" value="Web cam"/>
+    <param pos="0" name="hw.product" value="IP Camera"/>
+  </fingerprint>
+</fingerprints>

data/xml/http_wwwauth.xml

@@ -54,6 +54,17 @@
     <param pos="0" name="hw.vendor" value="Cisco"/>
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>
+  <fingerprint pattern="^Basic realm=&quot;(NetVanta [^&quot;]+)&quot;$" certainty="1.0">
+    <description>ADTRAN Netvanta Router</description>
+    <example hw.product="NetVanta 1238 PoE">Basic realm="NetVanta 1238 PoE"</example>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.vendor" value="ADTRAN"/>
+    <param pos="0" name="os.family" value="NetVanta"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="ADTRAN"/>
+    <param pos="0" name="hw.family" value="NetVanta"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
   <fingerprint pattern="^(?:Basic|Digest) realm=&quot;Cisco_CCSP_CWMP_TCPCR&quot;.*$">
     <description>Generic Cisco CWMP/CPE equipment</description>
     <example>Basic realm="Cisco_CCSP_CWMP_TCPCR"</example>
@@ -76,6 +87,7 @@
     <example>Basic realm="cPanel"</example>
     <param pos="0" name="service.vendor" value="cPanel"/>
     <param pos="0" name="service.product" value="cPanel"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:cpanel:cpanel:-"/>
   </fingerprint>
   <fingerprint pattern="^(?:Basic|Digest) realm=&quot;APC Management Card&quot;$">
     <description>APC device</description>
@@ -447,7 +459,7 @@
     <description>Ignore Negotiate-only</description>
     <example>Negotiate</example>
   </fingerprint>
-  <!-- 
+  <!--
   Using a wildcard . instead of ['&quot;] in the following line will result in
   this fingerprint matching examples from other fingerprints.
   -->

data/xml/mdns_device-info_txt.xml

@@ -171,6 +171,7 @@
     <param pos="0" name="hw.family" value="AirPort"/>
     <param pos="0" name="hw.product" value="AirPort Express"/>
     <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:airport_express:-"/>
   </fingerprint>
   <!-- AirPort Extreme -->
   <!-- TODO: Break this down into specific models and generations -->
@@ -188,10 +189,11 @@
     <param pos="0" name="hw.family" value="AirPort"/>
     <param pos="0" name="hw.product" value="AirPort Extreme"/>
     <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:airport_extreme:-"/>
   </fingerprint>
   <!-- TimeCapsule aka AirPort 6 -->
   <!-- TODO: Break this down into specific models and generations -->
-    <fingerprint pattern="^model=(?:AirPort6|TimeCapsule).*$">
+  <fingerprint pattern="^model=(?:AirPort6|TimeCapsule).*$">
     <description>Time Capsule</description>
     <example>model=AirPort6</example>
     <example>model=AirPort6,106</example>
@@ -202,7 +204,6 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="Time Capsule"/>
     <param pos="0" name="os.product" value="Time Capsule Firmware"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:time_capsule_firmware:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="Time Capsule"/>
     <param pos="0" name="hw.product" value="Time Capsule"/>
@@ -232,7 +233,7 @@
     <param pos="0" name="hw.family" value="MacBook Pro"/>
     <param pos="0" name="hw.product" value="MacBook Pro (15-inch, 2019)"/>
     <param pos="0" name="hw.device" value="Laptop"/>
-  </fingerprint>  
+  </fingerprint>
   <fingerprint pattern="^model=MacBookPro15,2$">
     <description>MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)</description>
     <example>model=MacBookPro15,2</example>
@@ -425,7 +426,7 @@
     <param pos="0" name="hw.product" value="MacBook Pro (13-inch, Mid 2012)"/>
     <param pos="0" name="hw.device" value="Laptop"/>
   </fingerprint>
-    <fingerprint pattern="^model=MacBookPro8,3$">
+  <fingerprint pattern="^model=MacBookPro8,3$">
     <description>MacBook Pro (17-inch, Late 2011)</description>
     <example>model=MacBookPro8,3</example>
     <param pos="0" name="os.vendor" value="Apple"/>
@@ -473,7 +474,7 @@
     <param pos="0" name="hw.product" value="MacBook Pro (13-inch, Mid 2010)"/>
     <param pos="0" name="hw.device" value="Laptop"/>
   </fingerprint>
- <fingerprint pattern="^model=MacBookPro6,2$">
+  <fingerprint pattern="^model=MacBookPro6,2$">
     <description>MacBook Pro (15-inch, Mid 2010)</description>
     <example>model=MacBookPro6,2</example>
     <param pos="0" name="os.vendor" value="Apple"/>
@@ -497,7 +498,6 @@
     <param pos="0" name="hw.product" value="MacBook Pro (17-inch, Mid 2010)"/>
     <param pos="0" name="hw.device" value="Laptop"/>
   </fingerprint>
-
   <fingerprint pattern="^model=MacBookPro5,5$">
     <description>MacBook Pro (13-inch, Mid 2009)</description>
     <example>model=MacBookPro5,5</example>
@@ -607,7 +607,7 @@
     <param pos="0" name="hw.product" value="MacBook (13-inch, Mid 2010)"/>
     <param pos="0" name="hw.device" value="Laptop"/>
   </fingerprint>
-<!-- MacBookAir - Reference for the following: https://support.apple.com/en-us/HT201862 -->
+  <!-- MacBookAir - Reference for the following: https://support.apple.com/en-us/HT201862 -->
   <fingerprint pattern="^model=MacBookAir8,2$">
     <description>MacBook Air (Retina, 13-inch, 2019)</description>
     <example>model=MacBookAir8,2</example>
@@ -776,7 +776,7 @@
     <param pos="0" name="hw.family" value="Mac mini"/>
     <param pos="0" name="hw.product" value="Mac mini (Late 2018)"/>
     <param pos="0" name="hw.device" value="Desktop"/>
-  </fingerprint>  
+  </fingerprint>
   <fingerprint pattern="^model=Macmini7,1$">
     <description>Mac mini (Late 2014)</description>
     <example>model=Macmini7,1</example>
@@ -1358,7 +1358,7 @@
     <param pos="0" name="hw.family" value="iPad"/>
     <param pos="0" name="hw.product" value="iPad (4th generation)"/>
     <param pos="0" name="hw.device" value="Tablet"/>
-  </fingerprint>  
+  </fingerprint>
   <!-- iPad Air -->
   <fingerprint pattern="^model=J21[78]AP$">
     <description>iPad Air (3rd generation)</description>
@@ -1383,7 +1383,7 @@
     <param pos="0" name="hw.family" value="iPad Air"/>
     <param pos="0" name="hw.product" value="iPad Air 2"/>
     <param pos="0" name="hw.device" value="Tablet"/>
-  </fingerprint>  
+  </fingerprint>
   <fingerprint pattern="^model=J7[123]AP$">
     <description>iPad Air</description>
     <example>model=J72AP</example>
@@ -1456,6 +1456,7 @@
     <param pos="0" name="hw.family" value="iPad mini"/>
     <param pos="0" name="hw.product" value="iPad mini"/>
     <param pos="0" name="hw.device" value="Tablet"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:ipad_mini:-"/>
   </fingerprint>
   <!-- HomePod -->
   <fingerprint pattern="^model=B238a?AP$">
@@ -1465,7 +1466,6 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="audioOS"/>
     <param pos="0" name="os.product" value="audioOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:audio_os:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="HomePod"/>
     <param pos="0" name="hw.product" value="HomePod"/>
@@ -1478,7 +1478,7 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="tvOS"/>
     <param pos="0" name="os.product" value="tvOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tv_os:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tvos:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="Apple TV"/>
     <param pos="0" name="hw.product" value="Apple TV 4K"/>
@@ -1490,7 +1490,7 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="tvOS"/>
     <param pos="0" name="os.product" value="tvOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tv_os:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tvos:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="Apple TV"/>
     <param pos="0" name="hw.product" value="Apple TV (4th generation)"/>
@@ -1500,11 +1500,11 @@
     <description>Apple TV (3rd generation)</description>
     <example>model=J33IAP</example>
     <example>model=J33iAP</example>
-    <example>model=J33AP</example>    
+    <example>model=J33AP</example>
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="tvOS"/>
     <param pos="0" name="os.product" value="tvOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tv_os:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tvos:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="Apple TV"/>
     <param pos="0" name="hw.product" value="Apple TV (3rd generation)"/>
@@ -1516,7 +1516,7 @@
     <param pos="0" name="os.vendor" value="Apple"/>
     <param pos="0" name="os.family" value="tvOS"/>
     <param pos="0" name="os.product" value="tvOS"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tv_os:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:apple:tvos:-"/>
     <param pos="0" name="hw.vendor" value="Apple"/>
     <param pos="0" name="hw.family" value="Apple TV"/>
     <param pos="0" name="hw.product" value="Apple TV (2nd generation)"/>
@@ -1730,6 +1730,7 @@
     <param pos="0" name="hw.family" value="iPhone"/>
     <param pos="0" name="hw.product" value="iPhone 5"/>
     <param pos="0" name="hw.device" value="Mobile Phone"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:iphone_5:-"/>
   </fingerprint>
   <fingerprint pattern="^model=N94AP$">
     <description>iPhone 4s</description>
@@ -1742,6 +1743,7 @@
     <param pos="0" name="hw.family" value="iPhone"/>
     <param pos="0" name="hw.product" value="iPhone 4s"/>
     <param pos="0" name="hw.device" value="Mobile Phone"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:iphone_4s:-"/>
   </fingerprint>
   <fingerprint pattern="^model=N9[02]B?AP$">
     <description>iPhone 4</description>
@@ -1768,6 +1770,7 @@
     <param pos="0" name="hw.family" value="iPhone"/>
     <param pos="0" name="hw.product" value="iPhone 3GS"/>
     <param pos="0" name="hw.device" value="Mobile Phone"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:iphone_3gs:-"/>
   </fingerprint>
   <fingerprint pattern="^model=N82AP$">
     <description>iPhone 3G</description>
@@ -1792,5 +1795,6 @@
     <param pos="0" name="hw.family" value="iPhone"/>
     <param pos="0" name="hw.product" value="iPhone"/>
     <param pos="0" name="hw.device" value="Mobile Phone"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:apple:iphone:-"/>
   </fingerprint>
 </fingerprints>