Changelogs

Acunetix Standard & Premium

RSS Feed

v23.7.230728157 - 31 Jul 2023

Copy Link Copy Link
Version 23 build 23.7.230728157 for Windows and Linux – 27 July 2023

Important note

Starting from version 23.6.230626159, we have deprecated support for Windows 8, Server 2012 and Server 2012 R2. Please update your Windows Operating System to Windows 10 (or later) or Windows Server 2016 (or later) to use this and upcoming releases.

New Features

  • [Closed beta feature] Acunetix now includes Runtime SCA, which identifies the technologies used on the scanned endpoints, and highlights the technologies with known vulnerabilities.
  • [Closed beta feature] The internal scanning agent in Acunetix Online, available in closed BETA, can now start multiple concurrent scans.

New Security Checks

Improvements

  • Updated The CWE Top 25 Report to the latest 2023 version
  • Improvements to the .NET IAST AcuSensor allowing more information gathering
  • Improved support for Shadow DOM in LSR
  • Improvements to NGINX Alias traversal security check
  • Improvements to WordPress vulnerability detection
  • Improvements to the Code Execution security checks

v23.6.230628115 - 28 Jun 2023

Copy Link Copy Link
Version 23 build 23.6.230628115 for Windows and Linux – 29 June 2023

Important note

Acunetix Premium now uses the Calver versioning convention. Please note that starting from version 23.6.230628115, we have deprecated support for Windows 8, Server 2012 and Server 2012 R2. Please update your Windows Operating System to Windows 10 (or later) or Windows Server 2016 (or later) to use this and upcoming releases.

New Features

  • [Closed beta feature] Internal site scanning for on-demand users for Windows machines

New Security Checks

Improvements

  • Acunetix Premium now ships with Chromium 114.0.5735.133/134 on Linux and Windows
  • Updated UI design in select parts of the product
  • Added support for OpenAI manifest files

v15.7.230616162 - 19 Jun 2023

Copy Link Copy Link
Version 15 build 15.7.230616162 for Windows and Linux – 20 June 2023

Important note

Acunetix Premium 15.7.230616162 is the latest version available for installation on Windows 8, Server 2012, and Server 2012 R2. If you wish to receive new updates, we recommend updating your operating system to either Windows 10, Windows Server 2016, 2019, or 2022.

New security checks

  • Added new security check for MOVEIt Transfer SQL Injection. (CVE-2023-34362)

Improvements

  • Updated the Software Composition Analysis (SCA) database.
  • Updated the embedded Chromium browser to v109.0.5414.149 for Windows and 114.0.5735.110 for Linux.

v15.7.230603143 - 05 Jun 2023

Copy Link Copy Link
Version 15 build 15.7.230603143 for Windows and Linux – 9 May 2023

New features

New security checks

  • Added the support for automated detection of WSDL during crawling.
  • A new security check for SOAP WS addressing Server-side request forgery.

Improvements

  • .NET sensor supports .NET 6.0 for Windows and Linux.
  • Updated the WordPress plugin vulnerabilities.
  • Updated the WordPress core vulnerabilities.
  • Updated the Software Composition Analysis (SCA) database.

Fixes

  • Fixed the time validation issue on the Scheduling Scan dialog.
  • Added time validation for scheduling scans.

v15.6.230505122 - 09 May 2023

Copy Link Copy Link
Version 15 build 15.6.230505122 for Windows and Linux – 9 May 2023

New Security Checks

  • Added SAML-related security checks.
  • New security checks for Adobe ColdFusion affected by Deserialization RCE vulnerability. CVE-2023-26359/CVE-2023-26360
  • New security checks for GraphQL.
  • New checks for Joomla vulnerabilities.

Improvements

  • Updated the embedded Chromium browser to v109.0.5414.141 for Windows and 112.0.5615.165 for Linux.
  • Improved the Business Logic Recorder to work with autocomplete fields.
  • Updated .NET IAST AcuSensor to avoid reporting false positives for default server misconfiguration.
  • Improved .NET IAST AcuSensor for reporting vulnerable packages.
  • Added support for file upload to the Login Sequence Recorder and Business Logic Recorder.
  • Improved response handling.
  • Various DeepScan Improvements.
  • Improved the coverage of development file exposure check.
  • Updated the Software Composition Analysis (SCA) database.
  • Updated the WordPress plugin vulnerabilities.

Fixes

  • Various fixes in the scanner to lower memory usage.

v15.5.230406089 - 11 Apr 2023

Copy Link Copy Link
Version 15 build 15.5.230406089 for Windows and Linux – 11 April 2023

Fixes

  • Fixed scanner crash.

v15.5.230326230 - 28 Mar 2023

Copy Link Copy Link
Version 15 build 15.5.230326230 for Windows and Linux – 28 March 2023

New feature

Security checks

  • Improved the Server-side prototype pollution check.
  • Updated the WordPress plugin vulnerabilities.
  • Updated the software composition analysis database.

Improvements

  • Added sitemap parser to better handle the sitemap files.
  • Improved the user interface to remove the hyperlink for websites that users do not have permission to.
  • Improved scanner to identify XSS in forms where these forms are protected with a CSRF token that is changing each time the page is refreshed.
  • Increased limit for data exchanged between IAST AcuSensors and the Acunetix engine.
  • Improved the token validator for new Jira tokens.

Fixes

  • Fixed the OpenVAS service on Acunetix Premium Online to avoid the scan queue.
  • Fixed bug causing some vulnerability checks to not execute on scans which are paused and resumed.
  • Fixed issue with the request header limit for Github/Gitlab issue trackers.
  • Fixed the issue of sending issues to Bugzilla.
  • Fixed the bug that threw an internal server exception when a system admin tries to add a new user.
  • Fixed the UI bug that appeared when the target is network.
  • Fixed the issue that rejected locations and schemes are still being scanned.
  • Fixed the issue with the corrupted links that are sent via email after the scan.
  • Fixed the password reset issue.
  • Fixed possible false positive misconfiguration “ASP.NET expired session IDs are not regenerated”

v15.4.230301111 - 03 Mar 2023

Copy Link Copy Link
Version 15 build 15.4.230301111 for Windows and Linux – 3 March 2023

New security checks

v15.4.230222085 - 23 Feb 2023

Copy Link Copy Link
Version 15 build 15.4.230222085 for Windows and Linux – 23 February 2023

New features

New security checks

Improvements

  • Added the Heuristic server-side routing detection to optimize attacks.
  • Updated the embedded Chromium browser to v109.0.5414.119.
  • Added the company name field to the registration process to Acunetix.
  • Updated the issue tracker integrations to show the link to the relevant ticket created in those issue trackers.
  • Updated the DISA STIG report to version 5.2.
  • Improved the CSV importing link to limit the target limit to 500.
  • Improved the scanner engine to reduce the memory footprint.
  • Improved the .NET IAST sensor to mask any password.

Fixes

  • Fixed the pagination bug on the Targets page.
  • Fixed the crawler issue that the page becomes unresponsive when it contains many elements.
  • Fixed the single-page application crawler to be consistent in the form submission.
  • Fixed a notification bug that does not redirect users to the correct URL for the finished scan.
  • Fixed the bug that does not refresh the user interface after the update.
1 4 5 6 26