“A Fake Sense of Security”: The Researcher Who Broke Wi-Fi Client Isolation on Every Router He Tested

At NDSS 2026, Xin'an Zhou — now at Palo Alto Networks — showed that client isolation, the feature enterprises trust to keep devices on the same Wi-Fi from attacking each other, failed on all 11 routers his team tested. There's no CVE to patch.

The findings, in brief

  • 11 routers and firmware images, covering Cisco, Netgear, D-Link, ASUS, TP-Link, Ubiquiti, Tenda and LANCOM hardware plus the DD-WRT and OpenWrt firmware projects; every single one fell to at least one bypass.
  • Three attack categories (GTK abuse, gateway bouncing, port stealing), achieving full machine-in-the-middle across WPA2, WPA3, and Passpoint.
  • No CVE. Client isolation was never defined in the IEEE 802.11 standard — so the failure is architectural, not a single bug in a single product.
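The second category above, gateway bouncing, is the easiest to reason about, so here is a small model of it. This is an added illustration written for this page, not code from the AirSnitch paper or any vendor: the frame fields, the class names and the MAC and IP addresses are invented, and the router's `block_hairpin` switch stands in for a real forward-chain rule such as nftables `iifname "br-guest" oifname "br-guest" drop`. The access point does what most implementations do, drop frames whose destination MAC is another associated station, and nothing else. A frame addressed to the gateway's MAC but carrying a peer station's IP sails through that filter, gets routed by the gateway, and comes back down to the victim with the gateway as its layer-2 source, which the AP trusts unconditionally. The hardened router refuses to forward a packet back out onto the isolated segment it arrived from.

```python
"""Model of a Wi-Fi access point whose "client isolation" is only an L2
station-to-station filter, and the gateway-bouncing bypass against it.

Added illustration for this article, not code from the AirSnitch paper.
The frame fields, MAC/IP addresses and class names are invented; the
router's block_hairpin rule stands in for a real forward-chain rule such
as nftables `iifname "br-guest" oifname "br-guest" drop`.
"""
from dataclasses import dataclass

GATEWAY_MAC = "02:00:00:00:00:01"  # assumed router MAC on the guest segment
ATTACKER_MAC, ATTACKER_IP = "02:aa:aa:aa:aa:aa", "10.0.0.10"
VICTIM_MAC, VICTIM_IP = "02:bb:bb:bb:bb:bb", "10.0.0.20"


@dataclass(frozen=True)
class Frame:
    """Just enough of an Ethernet frame carrying IP to show the decision points."""
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    payload: str


class AccessPoint:
    """Bridges associated stations to the router, enforcing isolation at L2 only."""

    def __init__(self):
        self.clients = {}      # MAC -> IP of each associated station
        self.delivered = []    # frames that reached a station over the air
        self.router = None

    def associate(self, mac, ip):
        self.clients[mac] = ip

    def uplink(self, frame):
        """A station transmits `frame`; return what the AP did with it."""
        if frame.dst_mac in self.clients:
            # The one check every implementation gets right: no direct STA -> STA frames.
            return "dropped_by_ap"
        if frame.dst_mac == GATEWAY_MAC:
            # Frames for the gateway are bridged without looking at the IP layer.
            return self.router.receive(frame, arrived_on_guest_segment=True)
        return "dropped_unknown_destination"

    def deliver_downlink(self, frame):
        """Frames coming from the router are trusted and sent to the station."""
        self.delivered.append(frame)
        return f"delivered_to_{frame.dst_mac}"


class Router:
    """Default gateway: routes IP packets, including back onto the guest segment."""

    def __init__(self, ap, block_hairpin):
        self.ap = ap
        self.block_hairpin = block_hairpin  # True = hardened forward rule in place

    def mac_for(self, ip):
        return next((m for m, i in self.ap.clients.items() if i == ip), None)

    def receive(self, frame, arrived_on_guest_segment):
        victim_mac = self.mac_for(frame.dst_ip)
        if victim_mac is None:
            return "routed_upstream"          # not a guest host; ordinary traffic
        if arrived_on_guest_segment and self.block_hairpin:
            # Hardened: never forward between two hosts of the isolated segment.
            return "dropped_by_router"
        # Weak: a packet that entered from the guest segment is routed straight
        # back onto it with the gateway as L2 source, which the AP trusts.
        bounced = Frame(GATEWAY_MAC, victim_mac, frame.src_ip, frame.dst_ip, frame.payload)
        return self.ap.deliver_downlink(bounced)


def run_scenario(block_hairpin):
    """Return (outcome of a direct frame, outcome of a gateway-bounced frame)."""
    ap = AccessPoint()
    ap.associate(ATTACKER_MAC, ATTACKER_IP)
    ap.associate(VICTIM_MAC, VICTIM_IP)
    ap.router = Router(ap, block_hairpin)
    direct = ap.uplink(Frame(ATTACKER_MAC, VICTIM_MAC, ATTACKER_IP, VICTIM_IP, "probe"))
    bounced = ap.uplink(Frame(ATTACKER_MAC, GATEWAY_MAC, ATTACKER_IP, VICTIM_IP, "probe"))
    return direct, bounced


if __name__ == "__main__":
    print("L2-only isolation:", run_scenario(block_hairpin=False))
    print("plus router rule: ", run_scenario(block_hairpin=True))
```

With the L2-only filter the direct frame is dropped and the bounced one is delivered; with the router rule both are dropped. The model covers gateway bouncing only, not GTK abuse or port stealing, and it is deliberately the simplest form of the technique. On a real guest network the equivalent check is to send traffic to a peer client's IP from one device and capture on the peer: if the packet arrives with the gateway's MAC as its source, the AP's filter has been bounced and the enforcement has to live on the router.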

Client isolation is the quiet workhorse of guest Wi-Fi, conference networks, and hospital floors: the setting that’s supposed to stop the laptop two seats over from reaching your device. Zhou’s team — working with KU Leuven’s Mathy Vanhoef — found it was never standardized, and never reliably enforced. He has since joined Palo Alto Networks; we spoke after his NDSS presentation in San Diego.

You tested 11 routers and broke all of them. Did that surprise you?
The completeness surprised us — every device, at least one bypass. But the root cause didn’t, once we understood it. Client isolation isn’t in the 802.11 standard. Every vendor implemented it on their own, at different layers, with no shared definition of what “isolated” even means. When there’s no spec, you get inconsistent and incomplete enforcement. We just had to find where each one stopped enforcing.
Who should be most worried?
The biggest concern is for enterprise environments. Enterprise systems usually protect their networks using the most advanced encryption. So that means enterprises are seemingly relying on a fake sense of security.
The encryption is doing its job. The problem is the layer above it — the assumption that two authenticated clients on the same network can’t reach each other. That assumption was never enforced the way people think it was.

Enterprises are seemingly relying on a fake sense of security.

— Xin’an Zhou, Palo Alto Networks, lead author of AirSnitch

There’s no CVE for this. How is a defender supposed to act on that?
Right — there’s no single patch, because there’s no single flaw. Responsibility is spread across vendors and configurations. A standards-level fix from IEEE is the real answer, and that takes years to reach hardware that’s already deployed. More work is still needed to define and standardize a strong definition of client isolation.
In the meantime, don’t treat the network layer as a trust boundary. Authenticate and isolate at a layer you actually control.
  • 11/11 routers vulnerable to at least one bypass
  • 3 attack categories, each ending in full machine-in-the-middle
  • 0 CVEs: the gap is architectural

The SecureW2 read

AirSnitch is the wireless-layer version of a pattern we cover constantly: a trust boundary that exists only by convention, not by cryptography. When the network can't be trusted to keep clients apart, identity has to do it instead: per-device certificates and policy that travel with the device, not the SSID. The certificate alone is authentication; the separation comes from the policy it unlocks, such as a per-device VLAN or ACL assigned by the RADIUS server at authentication time, and host firewalls that do not trust the local subnet. That's the layer a defender actually controls.

Quotes are drawn from the AirSnitch paper (NDSS 2026) and Zhou’s public media remarks. Zhou is now at Palo Alto Networks; the AirSnitch research was conducted at UC Riverside. Used here in a design mockup.