Acunetix Premium - v12.0.180821106

New Vulnerability checks

• Detection of Liferay TunnelServlet Deserialization Remote Code Execution
• Detection of Liferay XMLRPC Blind SSRF
• Detection of older versions of Liferay
• Detection of publicly writable Amazon S3 Buckets
• Detection of Apache Shiro Deserialization RCE
• Detection of RichFaces EL Injection RCE
• Detection of Spring JSONP enabled by default in MappingJackson2JsonView (CVE-2018-11040)
• Detection of Spring Webflow SPEL RCE (CVE-2017-4971)
• Detection of Telerik Web UI Cryptographic Weakness
• Detection of Rails Sprockets Path Traversal Vulnerability (CVE-2018-3760)
• Detection of Tomcat path traversal via reverse proxy mapping
• New Vulnerability checks for WordPress and Drupal

Updates

• Reduced the number of requests required for Web Application Detection
• Improved the JSON and the Generic document parser
• Improved handling of non-responsive sites

Fixes

• Fixed a few infrequent crashes
• Fixed Malware link checking vulnerability test
• Fixed issue causing scan to be aborted on redirect to different FQDN for login
• Fixed issue causing Scan Comparison reports to fail
• Fixed issue causing the scanner not to crawl certain HTTPs sites correctly when using proxy