A missing authorization check in Zyxel GS1200 series firmware allows an unauthenticated attacker on the local network to read the device configuration from a log file by sending a specially crafted HTTP request. The flaw is a classical missing authorization weakness that enables disclosure of sensitive network settings such as VLAN assignments, port bindings, and administrative credentials stored in the configuration logs. This can provide an attacker with the information needed to plan further attacks against the network.

The vulnerability affects Zyxel GS1200 switches. For the GS1200-5v3 model, firmware versions up to 1.00(ACPS.2)C0 are susceptible. For the GS1200-8v3 model, firmware versions up to 1.00(ACPT.2)C0 are vulnerable. For the GS1200-5HPv3 model, firmware versions up to 1.00(ACPU.2)C0 are impacted. For the GS1200-8HPv3 model, firmware versions up to 1.00(ACPV.2)C0 are affected. For the GS1200-10v3 model, firmware versions up to 1.00(ACPW.2)C0 are at risk.

The CVSS score of 6.5 categorizes the flaw as a medium severity vulnerability. While the EPSS score is not available, the absence of a listing in the CISA KEV catalog indicates no known widespread exploitation at the time of this analysis. Attackers must be able to communicate with the switch over the local network, send the crafted HTTP request, and capture the resulting log file contents. No privilege escalation is required, but the resulting information disclosure could facilitate more sophisticated network attacks. The risk is therefore moderate, with impact limited to devices on the same LAN segment that expose the HTTP management interface.