Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
3.1
Wi-Fi Access Point Allows Malicious Frame Injection
CVE-2026-23810
Summary
If an attacker is already connected to a Wi-Fi network, they may be able to trick the access point into decrypting and re-encrypting certain traffic in a way that lets them intercept and modify communications. This could allow the attacker to eavesdrop on and alter sensitive information, like passwords or financial data. To protect your network, ensure that your access points are updated with the latest security patches.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arubanetworks | arubaos | > 6.5.4.0 , <= 8.10.0.21 | – |
| arubanetworks | arubaos | > 8.11.0.0 , <= 8.12.0.6 | – |
| arubanetworks | arubaos | > 8.13.0.0 , <= 8.13.1.1 | – |
| arubanetworks | arubaos | > 10.3.0.0 , <= 10.4.1.10 | – |
| arubanetworks | arubaos | > 10.5.0.0 , <= 10.7.2.2 | – |
| arubanetworks | arubaos | 10.8.0.0 | – |
Original title
A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addr...
Original description
A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries.
nvd CVSS3.1
4.3
Vulnerability type
CWE-300
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026