Combo Tools Acunetix v24.6.240626115 - 27 Jun 2024

[SimonGiurca]

ADD AN IMAGE HERE! [Not adding an image will result in removal]
Then remove these lines.
Download:
Windows: https://ponies.cloud/scanner_web/acunetix/Acunetix-v24.6.240626115-Windows-Pwn3rzs-CyberArsenal.rar
Linux: https://ponies.cloud/scanner_web/acunetix/Acunetix-v24.6.240626115-Linux-Pwn3rzs-CyberArsenal.7z
Password: Pwn3rzs

• Security checks can now be auto-updated without requiring a full product update

New Security Checks

• SolarWinds Serv-U directory transversal (https://nvd.nist.gov/vuln/detail/CVE-2024-28995)
• Ivanti EPM SQL Injection / RCE (https://nvd.nist.gov/vuln/detail/CVE-2024-29824)
• Rejetto HTTP File Server SSTI / RCE (https://nvd.nist.gov/vuln/detail/CVE-2024-23692)
• PHP CGI Argument Injection (https://nvd.nist.gov/vuln/detail/CVE-2024-4577)
• Telerik Report Server - Authentication Bypass (https://nvd.nist.gov/vuln/detail/CVE-2024-4358)
• Added a new security check to identify supply chain attacks through Polyfill JS.

Improvements

• Added a notification in the UI to inform users when their account does not have any permissions set up yet (Acunetix Premium+)
• Updated the Scan Details page user experience with RuntimeSCA reporting (available to Early Access customers)
• Improved detection of DOM XSS vulnerabilities
• .NET Core IAST sensor - added hooking for System.Xml functions
• Improved detection of Open Redirect vulnerabilities
• Improved descriptions for verified vulnerabilities
• Added a notification to the activity log when the engine is unable to communicate with the SCA service

Fixes

• Fixed the issue that was causing the BLR to fail on Sequential/Slow scans
• Fixed the issue that was causing duplicates in the sitemap
• Logon banner messages (when configured) now display properly on the login page (Acunetix On-Premises)