Huge security vulnerability

My sensor is showing and updating on the map, and I also have a network PurpleAir-xxxx on my network list. I can connect to the PurpleAir network, and get the PurpleAir config screen which says “WiFi Connected Looking good!”

I’m not using 192.168.4.0 subnet. My network to which the sensor is successfully connected has internet access, which is why the sensor shows on the map. (And the map shows signal strength “good”)

Anyone in range, therefore, can connect to my sensor and tamper with the settings, easily knocking it offline, for example.

1 Like

Hello Michael,

The PurpleAir-**** network should become unavailable after the device has bee configured to WiFi. Feel free to email us with your device ID so we can investigate further.

Thank you

It is behaving correctly now. Thank you.