A new Acunetix Premium update has been released for Windows and Linux: 15.1
This Acunetix release updates its user interface and the notifications list. The user interface features a new navigation menu, which prioritizes features based on how frequently you may need them.
The most frequently used features appear on the top while the rest has been placed in the bottom section. For example, you can view targets, scans, and vulnerabilities on the upper part. Other features like email settings or WAFs are at the bottom of the menu.
The release also updates the notifications list. The significant change is that you can access all notification updates from the past 30 days in the list. These updates remain available in the list even after reading them.
This Acunetix update also includes a number of new vulnerability checks, updates, and fixes.
New features
- New navigation menu for a better user experience.
- Notification updates are shown for the last 30 days
New vulnerability checks
- New check for Swagger UI DOM XSS vulnerability.
- New test for Fortinet Authentication bypass on the administrative interface (CVE-2022-40684).
- New test for Insecure usage of Version 1 UUID/GUID.
- New test for Text4shell: Apache Commons Text RCE via insecure interpolation (CVE-2022-42889).
- New test for OpenSSL X.509 Email Address Buffer Overflows (CVE-2022-3786).
- Updated test for Open Monitoring Interfaces.
- Updated the software composition analysis database.
- Updated the WordPress plugin vulnerabilities.
Updates
- Updated the embedded Chromium browser to v107.0.5304.87/88.
- Updated how scans reaching max scan time are displayed in UI.
- Updated Issue Tracker UI to accept internal URLs.
- Improved Log4J checks to reduce false positives.
Fixes
- Fixed the issue causing the IAST bridge to fail to send responses to the sensor when large packets are received from the sensor.
- Added loopback routes that returned ‘undefined’ as an HTTP method.
- Added the keep connection alive message between AcuSensor and the web application scanner to keep the connection alive.
Upgrade to the latest build
If you are already using Acunetix build 15.x, you can initiate the automatic upgrade from the new build notification on the About page.
If you are using Acunetix build 14.x or earlier, you need to download Acunetix from here. Use your Acunetix license key to download and activate your product.
Get the latest content on web security
in your inbox each week.