Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
3.1
Wi-Fi Network: Attacker Can Redirect Client Traffic
CVE-2026-23811
Summary
A vulnerability in some Wi-Fi networks allows an attacker to bypass security restrictions and redirect traffic between clients. This could let an attacker intercept sensitive information and take control of communications between clients. Network administrators should update to the latest software to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arubanetworks | arubaos | > 6.5.4.0 , <= 8.10.0.21 | – |
| arubanetworks | arubaos | > 8.11.0.0 , <= 8.12.0.6 | – |
| arubanetworks | arubaos | > 8.13.0.0 , <= 8.13.1.1 | – |
| arubanetworks | arubaos | > 10.3.0.0 , <= 10.4.1.10 | – |
| arubanetworks | arubaos | > 10.5.0.0 , <= 10.7.2.2 | – |
| arubanetworks | arubaos | 10.8.0.0 | – |
Original title
A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypass...
Original description
A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable a bi-directional Machine-in-the-Middle (MitM) attack.
nvd CVSS3.1
4.3
Vulnerability type
CWE-300
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026