🚀 SmartScanner 2.5 Is Here: Advanced Vulnerability Detection and Powerful New CLI Capabilities
We’re excited to announce the release of SmartScanner 2.5, bringing critical new vulnerability tests, expanded CLI control, and important stability improvements. This release focuses on giving security teams and researchers more precision, flexibility, and confidence when running targeted assessments.
Let’s take a look at what’s new.
🧨 New Vulnerability Tests
XML External Entity (XXE) Injection Detection
SmartScanner 2.5 introduces a new test for XML External Entity (XXE) Injection, helping you identify insecure XML parsers that could lead to sensitive file disclosure, SSRF, or even remote code execution in some environments.
This addition strengthens coverage for applications that process XML-based data and APIs.
React2Shell (CVE-2025-55182) Detection
We’ve added a dedicated test for React2Shell (CVE-2025-55182)—a critical vulnerability that can lead to remote code execution in vulnerable React environments.
With this new test, SmartScanner can help quickly identify exposed systems and reduce the risk of exploitation from this high-impact issue.
🖥️ More Control with the CLI (sms.exe)
SmartScanner 2.5 significantly enhances CLI flexibility:
Selective Test Execution
A new CLI argument allows you to explicitly select which tests to run, making scans faster and more focused. This is ideal for:
- Regression testing
- Targeted vulnerability validation
- Custom security workflows
Single Script Execution Mode
You can now run a single scanning script against a list of input URLs. This is especially useful for:
- Security research
- Proof-of-concept validation
- Narrow-scope assessments
These additions make SmartScanner more adaptable to advanced and specialized use cases.
🔄 Updated Detection Rules & Definitions
To ensure accurate and up-to-date coverage, we’ve refreshed detection logic and vulnerability definitions across multiple technologies:
- OpenSSL
- WordPress
- Apache
- PHP
We’ve also expanded vulnerability definitions to support a broader range of tests, improving overall detection quality and consistency.
đź› Stability & Accuracy Improvements
This release also includes important fixes to improve reliability:
- License Validation Fix: Resolved an issue that could incorrectly invalidate licenses if system date/time settings were changed.
- Reduced False Positives: Fixed a false detection of Subresource Integrity Missing when the scanned URL was not a network resource.
Why This Matters
SmartScanner 2.5 strengthens your ability to detect both modern and classic vulnerabilities—while giving you more control over how scans are executed. Whether you’re validating a specific CVE, running focused research, or building custom security workflows, this release is designed to help you work faster and more precisely.
Get Started with SmartScanner 2.5
SmartScanner 2.5 is available now. đź“Ą Download the latest version and upgrade your security testing today.
As always, thank you for using SmartScanner—and for helping us make it better with your feedback.
Stay secure, The SmartScanner Team
