Netgear TLS Private Key Disclosure through Device Firmware Images

You can’t, without significantly weakening the security of current infrastructure.

I’m probably going to be crucified for this, but in my opinion not using https inside a standard home network isn’t probably that bad. If someone compromises either the endpoint or the router from outside, you’d be already screwed.

At enterprise level you’d manage a pki anyways.

Thanks to the Courtesy of :

https://www.reddit.com/r/netsec/comments/erdcgb/netgear_tls_private_key_disclosure_through_device/

Leave a Reply