SoylentNews is people
SoylentNews
Submission Preview
Researchers Discover Massive Wi-Fi Vulnerability Affecting Multiple Access Points
THIS HAS BEEN PRODUCED BY SOFTWARE UNDER DEVELOPMENT - THE CONTENT MAY REQUIRE EXTENSIVE EDITING
Another attack vector is Gateway Bouncing, where the attacker sends data to an access point that’s addressed to a gateway MAC. When the gateway receives it, it sees that Layer 3 IP header, which is the victim’s IP address, but ignores the Layer 2 destination (which is the gateway itself). It then forwards that to the victim, essentially allowing one client to send data to another client without doing so directly. The other two vulnerabilities include MAC spoofing — the attacker can spoof the MAC of the victim, meaning the gateway will forward all downlink traffic to the attacker, or they could spoof the MAC of backend devices, like the gateway, receiving uplink traffic from the target.
The researchers found that these vulnerabilities exist in five popular home routers — Netgear Nighthawk x6 R8000, Tenda RX2 Pro, D-LINK DIR-3040, TP-Link Archer AXE75, and Asus RT-AX57 — two open-source firmwares — DD-WRT v3.0-r44715 and OpenWrt 24.10 — and across two university enterprise [tomshardware.com] networks. This shows that the issue is not just limited to how manufacturers make and program their routers. Instead, it’s a problem with Wi-Fi itself, where its architecture is vulnerable to attackers who know how to take advantage of its flaws.
While this may sound bad, the researchers pointed out that this type of attack is rather complicated, especially with how complicated modern wireless networks have become. Still, that does not mean that manufacturers and standardization groups should ignore this problem. The group hoped that this revelation would force the industry to come together and create a rigorous set of requirements for client isolation and avoid this flaw in the future.
