A worrying Wi-Fi vulnerability can bypass home and office network encryption - here's how to stay safe

Wi-Fi Client Isolation is not the security measure we thought it was

News By Sead Fadilpašić published 27 February 2026

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads
• Email

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter

Get the TechRadar Newsletter

Sign up for breaking news, reviews, opinion, top tech deals, and more.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

An account already exists for this email address, please log in. Subscribe to our newsletter

• UC Riverside researchers found Wi-Fi Client Isolation is “fundamentally broken”
• New AirSnitch attacks enable traffic injection, MitM, and interception of wired devices
• All tested routers vulnerable; experts urge network segmentation and strong end-to-end encryption

Wi-Fi Client Isolation, a security feature which prevents devices on the same network from talking directly to each other, is “fundamentally broken” and can be abused in numerous ways, experts have claimed.

A team of researchers from the University of California, Riverside, published a new research report analyzing how client isolation works across three layers: Wi-Fi encryption, internal packet switching inside access points, and IP routing through the gateway.

Through their research, they discovered multiple new attack techniques that allow a malicious user, connected to the same Wi-Fi network, to inject traffic to other clients, intercept victim traffic, become a full machine-in-the-middle (MitM), and even intercept traffic from internal wired devices.

Widespread issue

The techniques include abusing the shared Wi-Fi group key, gateway bouncing (a Layer-3 routing trick essentially), port stealing (MAC spoofing attack), broadcast reflection (without the need for GTK), a full MitM combination attack that works by combining port stealing and gateway bouncing, and intercepting internal wired devices (via spoofing the MAC address).

These problems seem to be widespread, as every router and network they tested was vulnerable to at least one of these techniques. What’s more, this doesn’t seem to be affecting just home environments - enterprise setups, including real university networks, are equally at risk.

AirSnitch, as the researchers dubbed the vulnerability, “breaks worldwide Wi-Fi encryption, and it might have the potential to enable advanced cyberattacks,” Xin’an Zhou, the lead author on the research, told Ars Technica.

“Advanced attacks can build on our primitives to [perform] cookie stealing, DNS and cache poisoning. Our research physically wiretaps the wire altogether so these sophisticated attacks will work. It’s really a threat to worldwide network security.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors