Wi-Fi Alliance test suite has a worrying security flaw

News
By published

Criminals could run malicious code remotely, by simply sending a special package

cables going into the back of a broadband router on white background
(Image credit: Shutterstock)

Wi-Fi Test Suite carries a vulnerability that allows for elevation of privilege and remote code execution (RCE) attacks - and since there is no patch, and no word if there ever will be a patch, users are advised to replace the affected endpoints, or at least stop using them until any sort of resolution.

The Wi-Fi Test Suite is a certification toolset, developed by the Wi-Fi Alliance, and used to test, validate, and ensure interoperability and performance of Wi-Fi devices based on Wi-Fi standards.

This suite includes a variety of tests that cover different aspects of Wi-Fi functionality, such as connectivity, throughput, security, and coexistence with other wireless technologies.

No patch yet

According to the CERT Coordination Center (CERT/CC), this toolset carries a command injection vulnerability, which allows threat actors to execute arbitrary commands with root privileges on affected routers. The routers affected by this vulnerability seem to be from Arcadyan, a Taiwanese-based hardware manufacturer. To exploit the flaw, the threat actor only needs to send a specially crafted packet to the vulnerable device.

What’s interesting here is that the test suite was never designed to be used in production environments - its goal was to support the development of certification programs, and device certification, the CERT Coordination Center says. However, it somehow made it into commercial routers, and thus the vulnerability trickled down to households, and possibly small businesses.

The Hacker News says the Taiwanese router maker is not building a patch for this vulnerability, and there is no word if it ever will. Therefore, other vendors using the Wi-Fi Test Suite are advised to remove it, or update to version 9.0 or later, thus minimizing the risk of exploitation.

Being omnipresent, and a gateway for all data, routers are one of the most targeted endpoint devices in cyberattacks. Therefore, using routers from reputable manufacturers, and keeping them secured and up-to-date, remains pivotal in cybersecurity best practices.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.