Misleading Reports of 0-Day in Acunetix WVS

Reports of a 0day vulnerability in Acunetix Web Vulnerability Scanner turn out to affect only an old version from 2012 which was subsequently fixed.

A blog post has recently come to our attention that claims a successful attack against Acunetix v8 (build 20120704), and in the process “reveal[ed] a new vulnerability”.

We want to make it clear, and re-assure our customers, that this vulnerability only affects an old build from 2012. The following build, released in January 2013, fixed this vulnerability.

The blogger seems to have managed to pull his exploit by using a cracked version of  the software from 2012. Legitimate users of the more recent Acunetix WVS v8 and v9 are not affected by this. 

Once again we want to re-assure all users of legitimate installations of Acunetix WVS that they are in no danger, and are not affected by this at all.  

For any questions or queries our Support Team is at your complete disposal and be reached at support@acunetix.com.

ShareShare on FacebookTweet about this on TwitterShare on Google+

Leave a Reply


*