Acunetix v11 (build 11.0.172641450) has been released. This new build includes new vulnerability checks for Apache Struts and nginx. It also improves the detection of Blind SQL Injection and Remote File Inclusion XSS and improves support for large JavaScript files. Below is a full list of updates.
New Features and Vulnerability Tests
- Added detection for Apache Struts Remote Code Execution (s2-052)
- Added detection for Apache Struts Remote Code Execution (s2-053) – CVE-2017-12611
- Check for Header Injection via misconfigured nginx redirects
- Check for nginx Integer Overflow vulnerability (CVE-2017-7529)
Improvements
- Improved the detection of Blind SQL Injection
- Better support for large JavaScript files
- JAVA error detection now includes the full JAVA error returned by the server
- Improved the Remote File Inclusion XSS checks
- Updated the Joomla and WordPress vulnerability checks
Fixes
- Fixed bug causing the downloading of a Target’s LSR file to fail
- Fixed bug in HTTP Digest Authentication
Upgrade to the latest build
If you are already using Acunetix v11, you can initiate the automatic upgrade from the new build notification in the Acunetix UI .
If you have not yet installed or upgraded to Acunetix v11, you may download Acunetix version 11 from here. Use your current Acunetix License Key to download and activate the product.
Get the latest content on web security
in your inbox each week.
THE AUTHOR
Nicholas Sciberras
Principal Program Manager
Principal Program Manager
