| Version | Change log |
| Acunetix Web Vulnerability Scanner 25.1.0 Feb 4, 2025 |
New security checks: Added a check for Craft CMS Development Mode enabled Added a check for Craft CMS register_argc_argv RCE (CVE-2024-56145) Added a check for Apple’s App-Site Association (AASA) file Added new checks for API9:2023 Improper Inventory Management Added new checks for API10:2023 Unsafe Consumption of APIs Added new checks for API2:2023 Broken Authentication New features: Added support for scanning web applications using Smart Card Authentication. Learn more. Improvements: Improved detection of Microsoft SQL Server as a technology Improved detection of XSS Updated the severity of some vulnerabilities to better reflect their impact Improved detection of weak passwords Improved detection of Blind XSS Improved detection of SQL Injection Updated scanner to never downgrade from HTTPs to HTTP Resolved issues: Improvement to launching Chromium on Windows 10 build 14393 |
| Acunetix Web Vulnerability Scanner 24.12 Dec 16, 2024 |
New Security Checks: Added Palo Alto PAN-OS RCE (CVE-2024-0012/CVE-2024-9474) Added Sitecore AFR (CVE-2024-46938) Added a security check for CVE-2024-51567 / CVE-2024-51568 / CVE-2024-51378 Added a fix for Acunetix’s incorrect detection of Drupal versions, where the script read the version correctly but compared it improperly Improvements: The engine now uses Chromium 131 for scanning The engine now leverages headers from all import files, incl. Postman collections The engine now supports using host and path from Postman collections Users can see clearly if OTP is not configured inside the Login Sequence Recorder Fixes: Fixed an issue where, in rare cases, the LSR failed to correctly add session data Fixed an issue where GraphQL imports could fail in certain edge cases |
| Acunetix Web Vulnerability Scanner 24.9.2410251 Oct 29, 2024 | Fixed a problem with the scanner that was causing it to crash in some instances |
| Acunetix Web Vulnerability Scanner 24.9.2410151 Oct 18, 2024 |
New Security Checks: Added check for CVE-2024-6842 Improvements: Upgraded to OpenSSL Updates to technologies and fingerprints |
| Acunetix Web Vulnerability Scanner 24.9.2409240 Sep 26, 2024 | Enabled RuntimeSCA for On-Premises customers |
| Acunetix Web Vulnerability Scanner 24.8.2409031 Sep 4, 2024 |
New Features: Added support for Apache Tomcat 11 in JAVA IAST sensor RAML API specs can now be uploaded to extend the coverage of API scanning |
| Acunetix Web Vulnerability Scanner 24.8.2408281 Sep 4, 2024 |
New Features: Added support for Apache Tomcat 11 in JAVA IAST sensor RAML API specs can now be uploaded to extend the coverage of API scanning |
