PurpleAir-XXXX wifi still showing up even though device on our wifi

Hello All – I am trying to figure out why my PA-II built-in wifi is still showing up even though the device is connected to our wifi and shows all good when connected.

I read in the docs that once the PA-II is connected to your wifi the built-in wifi will be turned off but I clearly still see it and can connect to it while it still connected to my wifi and when I do I can see what wifi the device is connected to.

Anyone have any insights into this and/or why the PurpleAir-XXXX network would still be showing up?

Hi @PushingCupid8, what brand of router are you using? Is it an Eero router?

Also, the PurpleAir-**** network will disappear after it connects to WiFi with an internet connection. Is an internet connection currently available? You can test this by trying to browse the internet on a mobile device with mobile data disabled.

Hi @Ethan_Breinholt - Thank you for the response. Let’s see I have a opnsense hardware appliance that handles my routing.

Ahh OK so it has some kind of internet connectivity check for disabling the PurpleAir-XXXC wifi. Do you happen to know what ip/dns the purpleair device calls out to for internet connectivity validation? I can dig in my firewall and/or dns logs to see if something is blocking it. Oh I suppose I can go check those now even but having the info from you would be great as well.

Thank you again for the assist.

It would appear I am in the same boat. My sensor is connected (I see it in my router devices), my laptop is connected to the same network, but the purple-xx network won’t go away.

Check your ip addresses. If you’re using the 192.168.4.x subnet, you’ll have this issue.

Hi @Ganon thanks for tip. My device is on a different subnet than that but good thinking.

One thing I did notice while working on a a local data scraping project is that my device returns within the json which seems to make me wonder more about if the device is calling out to somewhere that I am blocking in my network. I havent dug too much into finding out what its calling out to yet.

 'httpsends': 16,
 'httpsuccess': 0,

Same situation here. My sensor is showing and updating on the map, and I also have a network PurpleAir-xxxx on my network list. I can connect to the PurpleAir network, and get the PurpleAir config screen which says “WiFi Connected Looking good!” I’m not using 192.168.4.0 subnet. My network to which the sensor is successfully connected has internet access, which is why the sensor shows on the map. (And the map shows signal strength “good”).

@Ethan_Breinholt wondering if you all have heard any other complaints about this issue?

If nothing else, this seems like an unacceptable security vulnerability because anyone in range can connect to my sensor and tamper with the settings.

If nothing else, this seems like an unacceptable security vulnerability because anyone in range can connect to my sensor and tamper with the settings.

Could be worse.

@PushingCupid8

Are you running piHole, maybe? Double NAT?

I am def running PiHole on every VLAN in my network. :smiley:

So I just need to figure out what is being blocked that the device is trying to talk to outside of my network to to validate connectivity to then turn off the built in WiFi.

Anyone happen to know what that is? Maybe a subdomain of purpleair.com or an ntp server maybe?

This is a valid point and to even extend that further what if the person connecting to device can figure out how to extract the user wifi password from the plaintext file it is being written to on the device. This could potentially be done using a directory traversal attack (Path Traversal | OWASP Foundation) against the web front end. Not sure if PurpleAir has had any security testing done.

Then said attacker would have access to your wifi network. Which is also why I have all my IoT devices on a VLAN restricted to only Internet vs any Intranet access and trackers blocked as well as monitoring in place.