PT-2026-43176 · Zyxel · Gs1200-8V3+4

Pierre Hauweele

·

Published

2026-05-26

·

Updated

2026-05-26

·

CVE-2026-4795

CVSS v3.1

6.5

Medium

VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Zyxel GS1200-5v3 versions prior to 1.00(ACPS.2)C0 Zyxel GS1200-8v3 versions prior to 1.00(ACPT.2)C0 Zyxel GS1200-5HPv3 versions prior to 1.00(ACPU.2)C0 Zyxel GS1200-8HPv3 versions prior to 1.00(ACPV.2)C0 Zyxel GS1200-10v3 versions prior to 1.00(ACPW.2)C0
Description A missing authorization issue allows an unauthenticated attacker on the local area network (LAN) to read the system configuration from a log file by sending a specially crafted HTTP request.
Recommendations Update GS1200-5v3 to version 1.00(ACPS.2)C0 or later. Update GS1200-8v3 to version 1.00(ACPT.2)C0 or later. Update GS1200-5HPv3 to version 1.00(ACPU.2)C0 or later. Update GS1200-8HPv3 to version 1.00(ACPV.2)C0 or later. Update GS1200-10v3 to version 1.00(ACPW.2)C0 or later.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-09013
CVE-2026-4795

Affected Products

Gs1200-10V3
Gs1200-5Hpv3
Gs1200-5V3
Gs1200-8Hpv3
Gs1200-8V3