From aece783ceeda29b56db4285fc6f64d004ecdc64d Mon Sep 17 00:00:00 2001
From: Heyder Andrade <heyder.andrade@gmail.com>
Date: Mon, 17 Oct 2022 01:11:27 +0200
Subject: [PATCH] Added reference to user auto-detect method

---
 .../http/fortinet_authentication_bypass_cve_2022_40684.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md b/documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md
index 220a128195..9af11d9b73 100644
--- a/documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md
+++ b/documentation/modules/exploit/linux/http/fortinet_authentication_bypass_cve_2022_40684.md
@@ -19,8 +19,8 @@ The following products are affected:
 ### Exploitation
 
 This module will abuse the authentication bypass vulnerability in the affected products to add a new ssh public
-key in the authorized keys of the target user and then connect over ssh to the target system. If no ssh private
-key is provided this module will automatically generate one.
+key in the authorized keys of the target user (if no user is provied it'll try to detect it) and then connect
+over ssh to the target system (if no ssh private key is provided this module will automatically generate one).
 
 To do so it will add the following header in all HTTP requests:
 ```