The Wi-Fi Alliance's test suite has a concerning security vulnerability.
Criminals could execute malicious code remotely simply by sending a specific packet.
A vulnerability has been found in the Wi-Fi Test Suite, a certification toolset developed by the Wi-Fi Alliance, that allows privilege escalation and remote code execution. There is currently no patch for the issue, and it has not been confirmed whether a fix will be developed. Users are therefore advised to replace the affected endpoints or, at the very least, to stop using them until the issue is resolved.
The Wi-Fi Test Suite is used to test, validate, and ensure the interoperability and performance of Wi-Fi devices in compliance with the standards of this technology. This toolset includes various tests that evaluate aspects such as connectivity, performance, security, and coexistence with other wireless technologies.
According to the CERT Coordination Center (CERT/CC), the suite has a command injection vulnerability that could allow attackers to execute arbitrary commands with root privileges on the affected routers. The devices in question appear to be from Arcadyan, a hardware manufacturer based in Taiwan. To exploit this vulnerability, an attacker only needs to send a specially crafted packet to the vulnerable device.
It is noteworthy that the Wi-Fi Test Suite was never intended to be used in production environments; its purpose was to support the development of certification programs and the certification of devices. However, for unspecified reasons, it ended up being integrated into commercial routers, meaning the vulnerability has reached homes and possibly small businesses.
The source mentions that the Taiwanese manufacturer has no plans to create a patch for this vulnerability, and there is no information on whether one will be developed in the future. Consequently, other vendors using the Wi-Fi Test Suite are advised to remove it or to update to version 9.0 or later to mitigate the risk of exploitation.
Because routers are ubiquitous and serve as a gateway for all data, they are among the most frequently attacked endpoints. It is therefore crucial to use routers from trusted manufacturers and to keep them secure and up to date as part of cybersecurity best practices.