Security researchers from the elite Ashiyane Digital Security Team have discovered a vulnerability in Acunetix -version 10.0-
Acunetix is a company that makes web and network application scanners. Acunetix automatically crawls and scans off-the-shelf and custom-built websites and web applications for SQL Injection, XSS, XXE, SSRF, Host Header Attacks & over 3000 other web vulnerabilities.
The discovery by Ashiyane shows that local attackers can inject code to vulnerable dynamic link libraries -DLLs- to compromise the process or to gain higher access privileges.
The affected DLLs are: