Acunetix Premium - v23.7.230728157
Important note
Starting from version 23.6.230626159, we have deprecated support for Windows 8, Server 2012 and Server 2012 R2. Please update your Windows Operating System to Windows 10 (or later) or Windows Server 2016 (or later) to use this and upcoming releases.
New Features
- [Closed beta feature] Acunetix now includes Runtime SCA, which identifies the technologies used on the scanned endpoints, and highlights the technologies with known vulnerabilities.
- [Closed beta feature] The internal scanning agent in Acunetix Online, available in closed beta, can now start multiple concurrent scans.
New Security Checks
- Check if API responses containing PII are accessible without authentication
- Test for Joomla Unauthorized Access Vulnerability: CVE-2023-23752
- Test for authentication bypass in the Express JavaScript framework due to case-insensitive path handling
- Test for Citrix Gateway XSS: CVE-2023-24488
- Test for authentication bypass and privilege escalation in WooCommerce: CVE-2023-28121
- Detect if Rails is running in debug mode
- Detect Access Control Bypass for Remote Code Execution for Adobe ColdFusion: CVE-2023-29298, CVE-2023-29300
Improvements
- Updated the CWE Top 25 Report to the latest 2023 version
- Improvements to the .NET IAST AcuSensor allowing more information gathering
- Improved support for Shadow DOM in LSR
- Improvements to the NGINX alias traversal security check
- Improvements to WordPress vulnerability detection
- Improvements to the Code Execution security checks