Researchers discover massive Wi-Fi vulnerability affecting multiple access points — AirSnitch lets attackers on the same network intercept data and launch machine-in-the-middle attacks

Researchers from the University of California, Riverside uncovered a significant Wi-Fi vulnerability named AirSnitch, which enables attackers on the same network to intercept data and execute machine-in-the-middle attacks. AirSnitch exploits weaknesses in Wi-Fi security by not cryptographically linking client MAC addresses, Wi-Fi encryption keys, and IP addresses, allowing attackers to assume the identity of other devices. The vulnerability was found in popular home routers, open-source firmwares, and university enterprise networks, indicating a systemic issue with Wi-Fi architecture. While the attack is complex, the researchers urge the industry to address this flaw and enhance client isolation protocols to prevent such exploits in the future.