The keys could be used to intercept and tamper with secure connections (man-in-the-middle attacks) and essentially, any of the compromised routers can be hijacked.
Recently Netgear, a computer networking company was found to have vulnerabilities in the firmware of its wireless routers. The report was made by Nicholas Starke who is a threat researcher at Aruba Networks along with Tom Pohl, the head of software architecture at Businessolver.
According to the duo, they were generally looking for vulnerabilities in the company’s firmware when they stumbled upon private keys of signed TLS certificates publicly available.
For the unfamiliar, every Netgear device comes with a minimum of two running signed TLS certificates. The private keys of these could be used to decrypt any traffic passing through that device and hence would naturally put the user at risk exposing all of their traffic.
See: New security flaws can turn Netgear Routers into army of botnets
Furthermore, these keys could be downloaded from Netgear’s support website without any authentication measures in place making it an open house.
The models compromised include R8900, R9000, RAX120 and XR700 wireless routers. Due to no patch having been released yet despite a response by Netgear on Monday, it has advised users to go with the following 2 options until the issue has been fixed:
Use the Netgear Nighthawk app
Use the HTTP version of routerlogin.com instead of the usual https, this is indeed something that is highly embarrassing for the company.
However, the key concern here m ..
Support the originator by clicking the read the rest link below.
