Big Wi-Fi hole reported

[botrytis]

https://arstechnica.com/gadgets/2021/05/farewell-to-firewalls-wi-fi-bugs-open-network-devices-to-remote-hacks/?amp=1

[AudioDoctor]

I wonder how well this works on a wifi access point that is not also a router. Now that I think I have to worry much, but it's still interesting.

[accwai]

16 hours ago, AudioDoctor said:

I wonder how well this works on a wifi access point that is not also a router.

 

This is way over my head but my impression of the problem is fake traffic can be injected in the form of unencrypted wifi packet fragments. If that's the case, the wifi client devices can be forced into picking up phony dns without involvement from any upstream router/dhcp server. This sounds extremely serious as any wardriver with a big enough antenna can redirect your traffic and grab your userid/password just like that. But wouldn't private dns on client devices cause the fake dns to be dropped and bypass the problem? Also, wouldn't encrypting most app level traffic inside the compromised wifi pipe at least make sure most of your data can't be snooped? And wouldn't isolating lan traffic originating from wifi devices into a low trust segment contain the problem so it won't spill over to the main lan?

 

The above might well be total daydream of course. So would the real network experts here clarify the real nature of the problem and what that would imply?