CVE-2026-23812
CWE-300Published: March 4, 2026· Updated: Mar 9, 2026
Official Description
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position.
Technical Analysis
CVE-2026-23812 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
All References (1)
Quick Facts
Related CVEs (CWE-300)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-23812 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts