New build checks for Drupal RCE, ThinkPHP RCE, vBulletin LFI and Typo3 Restler LFI

Acunetix version 12 (build 12.0.190227132 – Windows and Linux) has been released. This new build includes a good number of new vulnerability checks, including checks for the recently discovered Drupal Remote Code Execution vulnerability, another RCE in ThinkPHP, Local File Inclusion vulnerabilities in vBulletin and Typo3, Unauthorized Access vulnerabilities in FastGI and uWSGI and new vulnerability checks for WordPress Core, WordPress Plugins and Drupal Core. The new vulnerability checks, updates and fixes are available for both Windows and Linux.

New Vulnerability Checks

Updates

  • Update Source Code Disclosure checks to prevent False Positives
  • Unused paths are now filtered from AcuSensor data

Fixes

  • Fixed false positive in Expression Language Injection vulnerability check
  • Fixed issue in LSR / Deepscan when processing scripts overriding to JSON on Object

Upgrade to the latest build

If you are already using Acunetix v12, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > Settings page.
If you are using a previous version of Acunetix, you need to download Acunetix version 12 from here. Use your current Acunetix License Key to download and activate your product.

Share this post
Nicky SciberrasNicholas Sciberras Chief Technical Officer
LinkedIn: https://www.linkedin.com/in/nicholas-sciberras/

As the CTO at Acunetix, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams and provided technical training.

Leave a Reply

Your email address will not be published.