Reports of a 0-day vulnerability in Acunetix Web Vulnerability Scanner turn out to affect only an old version from 2012 which was subsequently fixed.
A blog post has recently come to our attention that claims a successful attack against Acunetix v8 (build 20120704), and in the process “reveal[ed] a new vulnerability”.
We want to make it clear, and re-assure our customers, that this vulnerability only affects an old build from 2012. The following build, released in January 2013, fixed this vulnerability.
The blogger seems to have managed to pull his exploit by using a cracked version of the software from 2012. Legitimate users of the more recent Acunetix WVS v8 and v9 are not affected by this.
Once again we want to re-assure all users of legitimate installations of Acunetix WVS that they are in no danger, and are not affected by this at all.
Get the latest content on web security
in your inbox each week.
THE AUTHOR
