diff --git a/cves/2021/CVE-2021-43798.yaml b/cves/2021/CVE-2021-43798.yaml
index 08d88ae9f4..2e81b25034 100644
--- a/cves/2021/CVE-2021-43798.yaml
+++ b/cves/2021/CVE-2021-43798.yaml
@@ -1,7 +1,7 @@
 id: CVE-2021-43798
 
 info:
-  name: Grafana v8.x Arbitrary File Read
+  name: Grafana v8.x - Arbitrary File Read
   author: z0ne,dhiyaneshDk,j4vaovo
   severity: high
   description: Grafana versions 8.0.0-beta1 through 8.3.0 are vulnerable to a local directory traversal, allowing access to local files. The vulnerable URL path is `<grafana_host_url>/public/plugins/NAME/`, where NAME is the plugin ID for any installed plugin.
@@ -17,6 +17,7 @@ info:
     cve-id: CVE-2021-43798
     cwe-id: CWE-22
   metadata:
+    verified: "true"
     shodan-query: title:"Grafana"
   tags: cve,cve2021,grafana,lfi
 
@@ -30,12 +31,11 @@ requests:
     stop-at-first-match: true
     matchers-condition: and
     matchers:
-
       - type: regex
         regex:
           - "root:.*:0:0:"
-          - "for 16-bit app support"
-          - "socket = /tmp/grafana.sock"
+          - "\\[(font|extension|file)s\\]"
+          - "socket\s*=\s*\/tmp\/grafana\.sock"
         condition: or
 
       - type: status