Acunetix Standard & Premium

New Vulnerability Checks

• New check for Content Security Policy (CSP) not implemented
• New check for Subresource Integrity (SRI not implemented
• New check for Node.js web application source code disclosure
• New check for Ghostscript RCE via file upload
• New check for Paperclip Server-Side Request Forgery (SSRF) via file upload (CVE-2017–0889)
• New check for WPEngine _wpeprivate/config.json information disclosure
• New check for Cross site scripting in HTTP-01 ACME challenge implementation
• New check for npm log file disclosure
• New check for PHP-CS-Fixer cache file disclosure
• Multiple new WordPress and Joomla vulnerability checks

Updates

• License keys can now be updated via the Acunetix web UI
• Additional memory improvements
• Improved exclusion of parameters
• Multiple updates to existing vulnerability checks
• Improved CORS origin validation failure checks
• Improved Pickle Serialization check

Fixes

• Manual Intervention was not working after a paused scan is resumed
• Scans for some sites using Digest HTTP Authentication were stopping unexpectedly
• Additional fixes for issues causing scans exiting unexpectedly
• Fixed issue causing many product update requests when proxy authentication is incorrectly configured
• Fixed: Some backup files / folders were not being identified
• Some vulnerabilities were incorrectly reported in the site root
• Fixed issue in similar page detection causing scans to take longer than expected
• Fixed issue causing valid sessions not to be identified correctly during the scan

New Vulnerability checks

• Detection of Liferay TunnelServlet Deserialization Remote Code Execution
• Detection of Liferay XMLRPC Blind SSRF
• Detection of older versions of Liferay
• Detection of publicly writable Amazon S3 Buckets
• Detection of Apache Shiro Deserialization RCE
• Detection of RichFaces EL Injection RCE
• Detection of Spring JSONP enabled by default in MappingJackson2JsonView (CVE-2018-11040)
• Detection of Spring Webflow SPEL RCE (CVE-2017-4971)
• Detection of Telerik Web UI Cryptographic Weakness
• Detection of Rails Sprockets Path Traversal Vulnerability (CVE-2018-3760)
• Detection of Tomcat path traversal via reverse proxy mapping
• New Vulnerability checks for WordPress and Drupal

Updates

• Reduced the number of requests required for Web Application Detection
• Improved the JSON and the Generic document parser
• Improved handling of non-responsive sites

Fixes

• Fixed a few infrequent crashes
• Fixed Malware link checking vulnerability test
• Fixed issue causing scan to be aborted on redirect to different FQDN for login
• Fixed issue causing Scan Comparison reports to fail
• Fixed issue causing the scanner not to crawl certain HTTPs sites correctly when using proxy

New Features

• HTTP response is now shown for vulnerabilities detected (only affects new scans)
• Manual Intervention has been implemented in v12

New Vulnerability checks

• Added detection of Java Object Deserialization vulnerabilities
• Added detection for Cisco ASA Path Traversal (CVE-2018-0296)
• Added tests for misconfigured nginx aliases that can lead to a path traversal
• Added detection of Spring Security Authentication Bypass Vulnerability (CVE-2016-5007)
• Added detection of weak/insecure permissions for Atlassian Jira REST interface
• Added detection of Apache Tomcat Information Disclosure (CVE-2017-12616)
• Added detection of Spring Data REST Remote Code Execution (CVE-2017-8046)
• Added detection of Insecure Odoo Web Database Manager
• Added detection of JBoss Remote Code Execution (CVE-2015-7501 and CVE-2017-7504)
• Added detection of WebSphere Remote Code Execution (CVE-2015-7450)
• Updated WordPress Plugin vulnerability detection

Updates

• Password is no longer required when configuring client certificate for a Target
• Additional memory optimizations
• Scanner will now report when the LSR cannot login
• Application Error Message vulnerability check updated to provide more details on the error
• Reports, XML exports and WAF exports now use a more meaningful filename
• Reports now show the status of a scan
• Scan debug logs now include imported files
• Increase maximum number of issues trackers that can be configured

Fixes

• multiple crashes while scanning
• Scanner will now re-authenticate when website invalidates authentication during scan (applies to HTTP authentication only)
• Scanner sometimes fails to decode LSR output, leading to an unauthenticated scan
• Fixed many issues causing vulnerabilities not to be detected or to be detected incorrectly
• Two fixes affecting the setting of Cookies
• Fixed issue in RSS parsing
• Fields with certain characters in the name (such as $) were not being tested
• Some out of scope paths were still being crawled
• Fix in the Autologin
• Upon upgrade, user is asked to “Logout from Other Session”
• Target and Vulnerabilities reports were failing
• Recurrent scans for Standard licenses were being disabled
• some reports were generated without file extension

New Features and Vulnerability tests

• New test for WordPress Arbitrary File Deletion Vulnerability described here and here (CVE-2018-12895)
• Added detection of vulnerabilities in the following wordpress plugins:
  • Advanced Order Export For WooCommerce (CVE-2018-11525)
  • WordPress Comments Import & Export (CVE-2018-11526)
  • iThemes Security (formerly Better WP Security) (CVE-2018-12636)
  • ChimpMate-WordPress MailChimp Assistant
  • FireDrum Email Marketing
• New test for Joomla! Core Local File Inclusion (CVE-2018-12712)
• New test for Joomla! Core Cross-Site Scripting (CVE-2018-12711)

Fixes

• Fixed issue with NTLM HTTP Authentication
• Fixed issue causing some pages not to load correctly in the LSR
• Fixed 2 false positives for “User controllable charset” and “User controllable script source”
• Fixed issue in handling HAR import files

Updates

• More improvements to Web Application Detection
• Reports not show if a scan has failed

Fixes

• Scanner was not parsing all AcuSensor data, causing some vulnerabilities not to be reported when AcuSensor is used
• Some reqeusts to HTTPs sites were being downgraded to HTTP