Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.2
TP-Link Router Allows Hackers to Steal Data by Pretending to be the Internet
CVE-2026-23812
Summary
Hackers can intercept and modify your internet traffic by pretending to be your router. This is a serious security risk because it allows them to steal sensitive information like passwords and financial data. To protect yourself, update your router's software and use a secure network connection.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arubanetworks | arubaos | > 6.5.4.0 , <= 8.10.0.21 | – |
| arubanetworks | arubaos | > 8.11.0.0 , <= 8.12.0.6 | – |
| arubanetworks | arubaos | > 8.13.0.0 , <= 8.13.1.1 | – |
| arubanetworks | arubaos | > 10.3.0.0 , <= 10.4.1.10 | – |
| arubanetworks | arubaos | > 10.5.0.0 , <= 10.7.2.2 | – |
| arubanetworks | arubaos | 10.8.0.0 | – |
Original title
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing techniqu...
Original description
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position.
nvd CVSS3.1
4.3
Vulnerability type
CWE-300
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026