diff --git a/Crestron/CVE-2022-23178/Crestron_Hd_Md4X2_Credential_Disclosure_CVE_2022_23178.gif b/Crestron/CVE-2022-23178/Crestron_Hd_Md4X2_Credential_Disclosure_CVE_2022_23178.gif
new file mode 100644
index 0000000..c4ae8e1
Binary files /dev/null and b/Crestron/CVE-2022-23178/Crestron_Hd_Md4X2_Credential_Disclosure_CVE_2022_23178.gif differ
diff --git a/Crestron/CVE-2022-23178/README.md b/Crestron/CVE-2022-23178/README.md
new file mode 100644
index 0000000..c433b62
--- /dev/null
+++ b/Crestron/CVE-2022-23178/README.md
@@ -0,0 +1,10 @@
+
+# Crestron Hd-Md4X2 Credential Disclosure (CVE-2022-23178)
+
+restron Hd-Md4X2-4K-E is a simple-to-use UHD signal switcher with four HDMI inputs and two HDMI outputs from Crestron, USA.Crestron Hd-Md4X2-4K-E has an information disclosure vulnerability, attackers can obtain WEB user login credentials and further control the system.
+
+FOFA **query rule**: [body="js/top.js" && body="document.onmousedown = ReCalculate;"](https://fofa.info/result?qbase64=Ym9keT0ianMvdG9wLmpzIiAmJiBib2R5PSJkb2N1bWVudC5vbm1vdXNlZG93biA9IFJlQ2FsY3VsYXRlOyI%3D)
+
+# Demo
+
+![MCMS_5_2_4_Arbitrary_File_Upload](MCMS_5_2_4_Arbitrary_File_Upload.gif)