diff --git a/http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml b/http/vulnerabilities/other/sharp-printers-lfi.yaml
similarity index 81%
rename from http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml
rename to http/vulnerabilities/other/sharp-printers-lfi.yaml
index 94a6c69194..ca035a94e7 100644
--- a/http/vulnerabilities/other/sharp-multi-function-printers-local-file-disclosure.yaml
+++ b/http/vulnerabilities/other/sharp-printers-lfi.yaml
@@ -1,4 +1,4 @@
-id: sharp-multi-function-printers-local-file-disclosure
+id: sharp-printers-lfi
 
 info:
   name: Sharp Multifunction Printers - Local File Inclusion
@@ -6,7 +6,8 @@ info:
   severity: high
   description: |
     It was observed that Sharp printers are vulnerable to a local file inclusion without authentication. Any attacker can read any file located in the printer.
-  remediation: Apply all relevant security patches and product upgrades.
+  remediation: |
+    Apply all relevant security patches and product upgrades.
   reference:
     - https://pierrekim.github.io/blog/2024-06-27-sharp-mfp-17-vulnerabilities.html#pre-auth-lfi
     - https://jvn.jp/en/vu/JVNVU93051062/index.html
@@ -29,6 +30,11 @@ http:
         regex:
           - "root:.*:0:0:"
 
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream; name=passwd"
+
       - type: status
         status:
           - 200