Security Announcement
AirSnitch Wi-Fi Exploit Attacks - Bypasses Encryption and Device Isolation, Allowing Attackers to Observe and Interact with Traffic
Publication ID: SAP10504
Resolved Status: Partial
Published on: 7 April 2026 4:16 GMT
Last updated on: 7 April 2026 4:25 GMT

Overview

 

In or about March 2026, third-party researchers publicly disclosed a class of Wi-Fi attacks referred to as AirSnitch, describing weaknesses in client isolation behavior in certain Wi-Fi environments. According to the published research, these attacks may allow an authorized, wirelessly connected attacker to bypass client isolation protections and intercept or manipulate traffic under certain network conditions. The research further states that these attacks can affect a range of devices and environments, including consumer, open-source, and enterprise platforms.

 

We thank the team at the University of California, Riverside, who notified us in early January 2026. After reporting the issue on the EOL/EOS model, they agreed to test our current (non-US) M30/M60 Wi-Fi router offerings. They were able to reproduce the issue, and a patch for the M60 was provided for testing; it is available below.

 

D-Link has reviewed the published findings regarding our products. Based on our assessment, the issue is relevant to the M60 guest network/client isolation context, for which a mitigation has been prepared, and to the DIR-3040, which is an End of Life (EOL) / End of Service (EOS) product. The published research specifically listed the DIR-3040 among tested devices.

 

To fully mitigate this issue, the Wi-Fi Alliance (WFA), our chipset suppliers, and finished goods vendors are discussing the best process to address Wi-Fi isolation, which will require action from each partner. In the meantime, we have prepared a patched test firmware that isolates guest network clients from home network clients. We will continue to release patches for the identified guest network issue as mitigations become available.

 

D-Link takes network security and user privacy very seriously. We maintain dedicated product, engineering, and security response resources to investigate reported issues, assess product impact, and implement mitigations where appropriate.

 

Report information

 

3rd Party Research


AirSnitch research presented at the 2026 Network and Distributed System Security Symposium (NDSS) by Xin’an Zhou and co-authors, as summarized in the attached disclosure material.

 

Issue: Client Isolation / Guest Network Segmentation Bypass

 

Description:


The published research describes a set of attacks that target weaknesses in Wi-Fi client isolation by exploiting behaviors across lower network layers. In affected conditions, an attacker with wireless access may be able to bypass intended isolation boundaries and place themselves in a position to intercept or manipulate traffic. The research states this may occur even across separate SSIDs in some implementations when internal infrastructure is shared.

 

Important note:


Based on the attached disclosure, this issue is best characterized as a bypass of client isolation protections, not a break of Wi-Fi authentication or encryption itself.

 

Affected Models

 

| Model | Affected Software / Status | Region | Fixed Release | Last Updated |
|---|---|---|---|---|
| M60 | Guest network / client isolation behavior under further product-specific assessment | Global / Non-US | Patched Beta firmware available (Link here) | 4/5/26 |
| DIR-3040 | Product listed among tested devices in the published research; product is EOL / EOS | Global | No further firmware updates planned due to lifecycle status | 4/5/26 |

 

Lifecycle note for DIR-3040:


The DIR-3040 is an End of Life / End of Service product. As a result, D-Link does not plan further firmware development for this model. The attached research specifically names the DIR-3040 among the devices tested.

 

Regarding the Security Update for Your D-Link Device

 

Installing software updates is critical to maintaining the security of your D-Link devices. D-Link strongly urges all users of affected and supported products to install the latest available firmware and to regularly check for further updates.

 

For M60 users, D-Link recommends upgrading to the latest firmware release that includes the guest network/client isolation mitigation. After installing the update, users should confirm that the firmware version shown in the product interface matches the intended release version.

 

For DIR-3040 users, because the product is EOL / EOS, no further firmware updates are planned. Users should consider replacing the product with a currently supported D-Link model that continues to receive security maintenance.

 

As an additional best practice, users should:

 

  • avoid relying solely on guest/client isolation as a complete security boundary,
  • use strong Wi-Fi credentials,
  • keep all client devices updated,
  • prefer encrypted application traffic, and
  • review network segmentation design for sensitive environments.

 

The attached disclosure indicates that some mitigations may be possible at the device firmware level, while some broader underlying behaviors may also depend on implementation details below the application layer, including chipset or infrastructure behavior.

 

NOTE

 

Our products may have different hardware revisions and region-specific firmware releases. Please verify your device model, hardware revision, and current firmware version before downloading and installing any update. The hardware revision can typically be found on the product label or in the device web interface.