From Wireless LAN Security Threats & Vulnerabilities: A Literature Review (2014 paper): Download: hxxp://research.daffodilvarsity.edu.bd/wp-content/uploads/2014/03/Journal-paper-3.pdf .
I believe that the paper in the last link doesn't mention an important vulnerability: WiFi Protected Setup PIN brute force vulnerability. Another thread on the same vulnerability is Wi-Fi Protected Setup( wps ).
From Practical verification of WPA-TKIP vulnerabilities (2013 paper): Download: hxxps://lirias.kuleuven.be/bitstream/123456789/401042/1/wpatkip.pdf .
From Advanced Wi-Fi attacks using commodity hardware (2014 paper): From the paper (my bolding): Paper download: hxxp://people.cs.kuleuven.be/~mathy.vanhoef/papers/acsac2014.pdf . More info (including source code): http://modwifi.bitbucket.org/.
From The Insecurity of Wireless Networks (2012 paper): Download: hxxp://eslared.net/walcs/walc2012/material/track4/Wireless/06193090.pdf .
Some related Wilders threads: WPA2 Wireless Security cracked? Here's Why Public Wifi is a Public Health Hazard free Wifi and security Forgetting WiFi Networks that don’t require authentication Giving WiFi password to guests Wireless security
A potentially important vulnerability in some implementations of WiFi Protected Setup (in addition to the vulnerabilities mentioned in post #2): Offline attack shows Wi-Fi routers still vulnerable.
Is using WPA mixed mode operation in a network where all wireless clients are WPA2-capable a security concern, given posts #3-5 (especially post #5)?
If the answer is yes, then you may wish to consider using WPA2-PSK [AES] instead of mixed mode if all of your wireless clients work properly with it.
Don't worry, I had interest and reading some of them. This seems interesting, as most study I know are against higher layer such as WEP or WPA (TKIP). One problem sometimes I notice is, ofthe wifi-PSK is showed as 'PASSWORD' where it is not. Common people don't know they are different so just use 10-20 char length 'KEY' so it's vulnerable. Also stelthing SSID and/or MAC filtering might make false sense of security.
That article didn't recommend stealthing SSID, but did recommend changing SSID name. What is the purpose of changing the default SSID?
Yup, WPA mixed mode means TKIP is used to encrypt broadcast data. And TKIP is insecure. The slides of the paper are much easier to understand IMO: http://www.slideshare.net/vanhoefm/acsac2014-presentation
Thank you for the feedback and info, and welcome to Wilders . I've read that mixed mode is the default in many routers.