The Mercusys AC12G (EU) V1 router running firmware AC12G(EU)_V1_200909 is vulnerable to information disclosure due to improper handling of POST requests on the UPnP service port 1900. Specifically, when a POST request lacks the SOAPAction header, the device returns 128 bytes of uninitialized buffer data, potentially leaking sensitive internal memory contents. This vulnerability is identified as CWE-200 (Information Exposure). The CVSS v3.1 base score is 7.3, indicating a high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts on confidentiality, integrity, and availability.

An unauthenticated attacker on an adjacent network can send specially crafted POST requests without the SOAPAction header to the UPnP port 1900 of the affected device and receive 128 bytes of uninitialized memory. This information disclosure could reveal sensitive internal data, potentially aiding further attacks. The vulnerability affects confidentiality, integrity, and availability to a limited extent as per the CVSS vector.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or workaround information is currently available. Until a patch is released, restricting access to the UPnP port 1900 from untrusted networks or disabling UPnP functionality on the device, if possible, may reduce exposure.