NETGEAR TLS Certs Exposure – Expert Source

By   ISBuzz Team
Writer , Information Security Buzz | Jan 24, 2020 07:40 am PST

NETGEAR recently issued a security advisory about a Transport Layer Security (TLS) certificate private key disclosure vulnerability on several of its routers. And this is apparently not the first time the company left TLS certificates and private keys exposed in their wireless router firmware.

The certificates and their private keys were embedded into the software, which was available to download for free on a public website where anyone could find it, and with a little skill read the private key. The keys could be used to intercept and tamper with secure connections (man-in-the-middle attacks) and essentially, any of the compromised routers can be hijacked.