A new Acunetix Premium update has been released for Windows, Linux, and macOS: 14.7.220228146
This Acunetix release introduces multiple IAST updates that will help detect several high severity vulnerabilities, provide full coverage for the newly supported web frameworks, and improve the detection of server-side misconfigurations. It also introduces new vulnerability checks for well-known web applications, includes a number of updates to the CSRF token handling, and provides numerous improvements, updates, and product fixes.
New features
- The .NET IAST sensor (AcuSensor) can now be installed on .NET Core v3 and v5 on Windows (with the Kestrel server)
- The Acunetix scanner was updated to support routes for frameworks supported by the IAST sensors (AcuSensor).
- Added support for the Laravel framework in the PHP IAST sensor (AcuSensor)
- Added support for the CodeIgnitor framework in the PHP IAST sensor (AcuSensor)
- Added support for the Symphony framework in the PHP IAST sensor (AcuSensor)
- Added support for the ASP.NET MVC in the .NET Core IAST sensor (AcuSensor)
- Added support for Razor Pages in the .NET Core IAST sensor (AcuSensor)
- Added support for Web API in the .NET Framework and the .NET Core IAST sensors (AcuSensor)
- Added support for Spring MVC in the JAVA IAST sensor (AcuSensor)
- Added support for Spring Struts2 in the JAVA IAST sensor (AcuSensor)
New vulnerability checks
Acunetix has been updated to detect the following vulnerabilities using IAST:
Acunetix IAST (AcuSensor) has been updated to detect over 30 new server-side misconfigurations across all sensors:
Updates
- IAST sensors (AcuSensor) capabilities have been updated to improve the detection of:
- Acunetix will start reporting if an older version of the IAST sensor (AcuSensor) is installed on the web application
- Considerable update to the handling of CSRF tokens
- The Vulnerabilities The page now includes a unique vulnerability ID
- Multiple UI updates
- Multiple DeepScan updates
Fixes
- Fixed an issue with GitLab issue types not showing in the UI
- Fixed an issue with Amazon AWS WAF export
- Fixed several scanner crashes
- Fixed an issue with .NET IAST AcuSensor not working on IIS prior to version 10
- Fixed an issue with Node.js IAST AcuSensor causing the web application to stop working
- Fixed an ordering issue in PDF comprehensive reports for multiple scans
- Fixed a timeout issue causing IAST data not to reach the Acunetix scanner
Upgrade to the latest build
If you are already using Acunetix build 14.x, you can initiate the automatic upgrade from the new build notification in the Acunetix UI> About page.
If you are using Acunetix build 13.x or earlier, you need to download Acunetix from here. Use your Acunetix license key to download and activate your product.
Get the latest content on web security
in your inbox each week.