diff --git a/ManageEngine/CVE-2020-10189/CVE-2020-10189.gif b/ManageEngine/CVE-2020-10189/CVE-2020-10189.gif new file mode 100644 index 0000000..843e1ae Binary files /dev/null and b/ManageEngine/CVE-2020-10189/CVE-2020-10189.gif differ diff --git a/ManageEngine/CVE-2020-10189/README.md b/ManageEngine/CVE-2020-10189/README.md new file mode 100644 index 0000000..31aa6ac --- /dev/null +++ b/ManageEngine/CVE-2020-10189/README.md @@ -0,0 +1,9 @@ +# CVE-2020-10189 Zoho ManageEngine Desktop Central 10 getChartImage rce + +Zoho ManageEngine Desktop Central 10 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. + +**[FOFA](https://fofa.so/result?qbase64=YXBwPSJab2hvLU1hbmFnZUVuZ2luZS1EZXNrdG9wIg%3D%3D) query rule**: app="Zoho-ManageEngine-Desktop" + +# Demo + +![](CVE-2020-10189.gif)
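Review bot: the description paragraph in README.md names the deserialization flaw in getChartImage and the CewolfServlet and MDMLogUploaderServlet servlets, but it gives no affected build range, no fixed version and no link to a vendor advisory. A reader cannot tell from it whether a given Desktop Central 10 install is exposed or what to upgrade to. Suggest adding a short "Affected versions / Fix" section with a reference, and a note that access to those two servlets is the thing to restrict or monitor until the patch is applied. Smaller points in the same hunk: "# Demo" is a second top-level heading and should be "## Demo" under the title, the title should read "RCE" rather than "rce", and "![](CVE-2020-10189.gif)" has empty alt text.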