Wi-Fi Test Suite contains a vulnerability that allows elevation of privilege and Remote Code Execution (RCE) attacks – and since there is no patch, and no word if there ever will be, users are advised to replace the affected endpoints , or at least stop using it until there is some form of resolution.
The Wi-Fi Test Suite is a certification toolset, developed by the Wi-Fi Alliance, and used to test, validate, and ensure the interoperability and performance of Wi-Fi devices based on Wi-Fi standards.
This suite contains a variety of tests that cover different aspects of Wi-Fi functionality, such as connectivity, throughput, security, and coexistence with other wireless technologies.
No patch yet
According to the CERT Coordination Center (CERT/CC), this toolset contains a command injection vulnerability, which allows threat actors to execute arbitrary commands with root privileges on affected routers. The routers affected by this vulnerability appear to come from Arcadyan, a Taiwan-based hardware manufacturer. To exploit the flaw, the threat actor simply needs to send a specially crafted packet to the vulnerable device.
What’s interesting here is that the test suite was never designed for use in production environments. The goal was to support the development of certification programs and device certification, the CERT Coordination Center said. However, it somehow made its way into commercial routers, causing the vulnerability to trickle down to households and possibly small businesses.
The hacker news says the Taiwanese router maker isn’t building a patch for this vulnerability, and there’s no word if it ever will. Therefore, other vendors using the Wi-Fi Test Suite are advised to uninstall or update it to version 9.0 or higher, which will minimize the risk of exploitation.
Because they are ubiquitous and a gateway for all data, routers are one of the most targeted endpoint devices in cyber attacks. That’s why using routers from reputable manufacturers, and keeping them secure and up to date, remains crucial in cybersecurity best practices.