vass77 | 1 year ago | on: Off-path TCP hijacking in NAT-enabled Wi-Fi networks
Also only works with non encrypted conns (ftp, http), that one should not be using.
And like you say on open or PSK networks you can do worst stuff (if isolation is not enable arp spoofing the default G will be way worst then this)