A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate…
hpe·CWE-300·Published 2026-03-04
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position.
A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position.
Se ha identificado una vulnerabilidad donde un atacante que se conecta a un punto de acceso como un cliente cableado o inalámbrico estándar puede suplantar una puerta de enlace aprovechando una técnica de suplantación basada en direcciones. La explotación exitosa permite la redirección de flujos de datos, permitiendo la interceptación o modificación del tráfico destinado a la puerta de enlace de red legítima a través de una posición de Hombre en el Medio (MitM).
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 4.3 | — | — | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| 3.1 | Primary | NVD | 4.2 | 1.6 | 2.5 | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |
| 3.1 | Secondary | NVD | 4.3 | 2.8 | 1.4 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |