Acunetix Standard & Premium

New Features

• Added support for URL optional fields
• Added support for Brotli encoding
• JAVA AcuSensor can now be used on Tomcat 10.0.x
• Added support for Restify framework in Node.js Sensor
• Added support for LoopBack framework in Node.js Sensor
• Added support for Sequelize ORM in Node.js Sensor
• Added support for Router Package in Node.js Sensor
• Added support for Director Router in Node.js Sensor

New Vulnerability Checks

• New check for Apache HTTP Server Source Code Disclosure
• New check for ManageEngine ADSelfService Plus Authentication Bypass (CVE-2021-40539)
• New check for Oracle Business Intelligence ReportTemplateService XXE (CVE-2021-2400)
• New check for Jira Unauthorized User Enumeration (CVE-2020-14181)
• New check for Jira Unauthorized User Enumeration via UserPickerBrowser
• New check for Jira Projects accessible anonymously
• New check for Payara Micro File Read (CVE-2021-41381)

Updates

• Export to AWS WAF is now available in all pages which allow WAF Export
• Updated Pre-request scripts, making it easier to update session header value
• Updated the detection of WAFs to support new WAFs
• Increased the detection of development files
• Improved the JavaScript Library Audit checks

Fixes

• Fixed issue in Paros import
• Fixed issue in scanner causing False Negatives when processing specific pages
• Fixed issue in AWS WAF Export
• Fixed issue in PHP Sensor not being detected when used in a large site with many files
• Fixed issue causing pre-request scripts not to be loaded by scanner
• Fixed 3 issues in Postman imports
• Fixed False Negative in Django Debug Mode vulnerability check
• Fixed issue causing high response times in UI caused by large quantity of Targets configured
• Fixed false positive in “User credentials are sent in clear text” check

Fixes

• Fixed: Error when adding new Targets
• Fixed: Scanner crash when using a Postman import file

New Features

• Pre-request script support
• New Log Data Retention options

New Vulnerability Checks

• New check for Oracle E-Business Suite Information Disclosure
• New check for Alibaba Nacos Authentication Bypass (CVE-2021-29441)
• New check for Gitlab CI Lint SSRF
• New check for Gitlab open user registration
• New check for Gitlab user disclosure via graphql endpoint
• New check for Bitrix galleries_recalc.php XSS
• New check for Bitrix open redirect
• New check for Jetty ConcatServlet Information Disclosure (CVE-2021-28164)
• New check for Jenkins open user registration
• New check for Open Mikrotik stats
• New check for Open Nuster stats
• New check for RethinkDB administrative interface publicly exposed
• New check for spring-boot-actuator-logview Path Traversal
• New check for Hasura GraphQL API without authentication
• New check for ForgeRock OpenAM Deserialization RCE (CVE-2021-29156)
• New check for BuddyPress REST API Privilege Escalation
• New check for Grandnode Path Traversal (CVE-2019-12276)
• New check for SearchBlox Local File Inclusion (CVE-2020-35580)
• New check for Zimbra Collaboration Suite SSRF (CVE-2020-7796)
• New check for Ghost CMS Theme Preview XSS (CVE-2021-29484)
• New check for qdPM Information Disclosure
• New checks for vulnerabilities in WordPress Plugins

Updates

• Max items shown per page can now be configured
• Updated Deepscan to process hashes in URLs
• Updated Chromium to v92.0.4512.0
• Updated CSV export to include text only details
• JavaScript Library Audit now supports merged JavaScript files
• Added support for dev tools in standalone LSR
• Multiple UI updates
• Multiple LSR updates
• Target knowledgebase will now be reset when Target settings are changed
• Updated Selenium import to support selectFrame
• Updated OWASP Top 10 report to include CVSS score
• Updated Compliance report to include CWE
• Added option to enable debuglogs for all Targets
• Optimisations to the Java and Node.js AcuSensors
• Improved support for Hapi framework in Node.js AcuSensor
• Add support for find-my-way HTTP router in Node.js AcuSensor
• Improved ionCube Loader-wizard information disclosure check
• Improved cache poisoning DOS checks
• Improved detection of Apache Struts2 Remote Command Execution (S2-052)
• Improved detection of Directory Traversal vulnerabilities
• Added option to skip testing of login form configured for the Target
• Improved handling of Custom 404 pages

Fixes

• Fixed multiple crashes in the scanner
• Fixed issue causing some requests to be done to restricted links
• Addressed multiple Deepscan issues
• Paused scans can now be Aborted
• Fixed XPath Injection false positive
• Fixed Bitrix Open Redirect false positive
• Fixed Spring Boot Actuator false negative
• Fixed issue in .NET Sensor Manager not showing buttons on lower resolutions

New Features

• New SCA (Software Composition Analysis) for PHP, JAVA, Node.js and .NET web applications. Acunetix will report vulnerable libraries used by the web application when AcuSensor is used

New Vulnerability Checks

• New check for SSRF via logo_uri in MITREid Connect (CVE-2021-26715)
• New check for Oracle E-Business Suite Information Disclosure
• New check for Unauthorized Access to a web app installer
• New check for SAML Consumer Service XML entity injection (XXE)
• New check for Grav CMS Unauthenticated RCE (CVE-2021-21425)
• New check for Outsystems Upload Widget Arbitrary File Uploading (RPD-4310)
• New check for Django Debug Toolbar
• New check for Joomla Debug Console enabled
• New check for Joomla J!Dump extension enabled
• New check for Request Smuggling
• New check for Unrestricted access to Caddy API interface
• New check for Pyramid framework weak secret key
• New check for Apache Tapestry Unauthenticated RCE (CVE-2019-0195 and CVE-2021-27850)
• New check for Unrestricted access to Spring Eureka dashboard
• New check for Unrestricted access to Yahei PHP Probe
• New check for Unrestricted access to Envoy Dashboard
• New check for Unrestricted access to Traefik2 Dashboard
• New check for Dragonfly Arbitrary File Read/Write (CVE-2021-33564)
• New check for Oracle E-Business Suite Frame Injection (CVE-2017-3528)
• New check for Gitlab CI Lint SSRF
• New check for Gitlab open user registration
• New check for Gitlab user disclosure via GraphQL

Updates

• Updated .NET AcuSensor
• .NET AcuSensor can be now deployed from CLI
• User is notified when imported URLs are out of scope
• Scan events are not shown in json any more
• New column for Continuous Scanning in the Targets page
• New filter in Targets page to easily identify Targets with debug enabled
• Vulnerabilities page shows if the vulnerability was detected by a web or network scan
• Merged Add Target and Add Targets options in UI
• Custom Field, labels and tags can be configured for Issue Trackers
• Platform Admin can now unlock locked accounts
• New column in CSV export showing details in text only
• Updated the way that AcuSensor token can be updated in the Target Settings
• PCI DSS compliance report updated to PCI DSS 3.2.1
• Compliance Reports updated to make use of the Comprehensive report template
• Browser Dev tools can be used when LSR is started from CLI
• Updated XFO check
• Multiple UI updates
• Improved false positive detection of out of band RCE and argument injection vulnerabilities
• Multiple updates to the Postman import implementation
• Updated JavaScript Library Audit to support merged JavaScript files

Fixes

• HSTS has been enabled for the AcuSensor bridge
• Latest Alerts section of Scan results was not updated with AcuMonitor (OOB) vulnerabilities)
• The Fragments was not clickable in the site structure
• HSTS Best Practices was sometimes being reported multiple times
• Fixed HSTS false negative
• Fixed issue in the detection of Django 3 weak secret
• Fixed issue causing GitHub labels not to be updated when changing Github issue Tracker Project
• Fixed encoding issue in Node.js AcuSensor
• Fixed issue causing corruption of Target knowledgebase
• Fixed DeepScan timeout when processing Prototype JavaScript library
• Fixed issue causing outdated JavaScript libraries check not to report external libraries
• Fixed issue in Oauth password credentials grant