diff --git a/SolarWinds/CVE-2020-10148/CVE-2020-10148.gif b/SolarWinds/CVE-2020-10148/CVE-2020-10148.gif
new file mode 100644
index 0000000..452a3b7
Binary files /dev/null and b/SolarWinds/CVE-2020-10148/CVE-2020-10148.gif differ
diff --git a/SolarWinds/CVE-2020-10148/README.md b/SolarWinds/CVE-2020-10148/README.md
new file mode 100644
index 0000000..b3bb47c
--- /dev/null
+++ b/SolarWinds/CVE-2020-10148/README.md
@@ -0,0 +1,9 @@
+# CVE-2020-10148 SolarWinds Orion Local File Disclosure
+
+The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected.
+
+**[FOFA](https://fofa.so/result?q=app%3D%22Solarwinds-Traffic-Management%22&qbase64=YXBwPSJTb2xhcndpbmRzLVRyYWZmaWMtTWFuYWdlbWVudCI%3D&file=&file=) query rule**: app="Solarwinds-Traffic-Management"
+
+# Demo
+
+![](CVE-2020-10148.gif)
\ No newline at end of file