High severity7.5NVD Advisory· Published Dec 8, 2020· Updated Jun 17, 2026
CVE-2020-28946
CVE-2020-28946
Description
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single unauthenticated GET request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Plum/IK-401description
Patches
Vulnerability mechanics
References
2- www.cert.pl/news/single/coraz-wiecej-urzadzen-przemyslowych-podlaczonych-do-internetu/nvdExploitThird Party Advisory
- plummac.com/project/ik-401/nvdProductVendor Advisory
News mentions
0No linked articles in our index yet.