Acunetix Premium - v25.5.0
New features
- Added support for Java IAST Sensor running on WebLogic
New security checks
- Added check for JWT authentication bypass in APIs
- Added SAP NetWeaver Visual Composer Unrestricted File Uploading (CVE-2025-31324)
- Added detection for Craft CMS Remote Code Execution (CVE-2025-32432)
- Added check for missing X-Content-Type-Options header
Improvements
- Added regex to enhance detection of Stack Trace Disclosure in Django apps
- Improved detection of JWTs signed with weak secrets
- Added new security check for exposed nginx.conf and .htaccess files to enhance vulnerability detection
- LDAP Injection detection added
- Added detection for PII (Personally Identifiable Information) disclosure vulnerabilities
- New detection for database connection strings in JSON responses to improve sensitive data exposure coverage
- Scanner updated to support scanning targets with NTLM Authentication from Linux
Resolved issues
- Fixed false positive for Cleo Harmony/VLTrader/LexiCom RCE detection
- Corrected version comparison logic in "Scripts\WebApps\drupal_3.script"