Security Flaw – MAC address filtering
version 7.7.3
Hello,
I want to share with the community a security flaw with AirPort devices when using MAC address filtering (Timed Access Control). In a nutshell, enabling “time access control,” which is MAC address filtering with the option to set time limits, or removing devices enabled in timed access control does NOT take effect until you forcibly reboot all AirPort devices using the AirPort Utility (unplugging does not work) AirPort Utility > Base Station > Restart. In other words, do not trust the GUI when enabling MAC address filtering or removing allowed devices; you need to restart all AirPort devices using AirPort Utility.
Test it your self! If you’re currently using MAC address filtering just remove a device, and watch it able to join the network again. I do have a case open with Apple about this.