Nicholas Starke, threat researcher at Aruba Networks, and Tom Pohl, head of software architecture at Businessolver, have found vulnerabilities in the default firmware of Netgear routers, specifically the R9000, the R8900, the RAX120, and the XR700.

Every Netgear device ships with at least two signed TLS certificates in use. Starke and Pohl found that the private keys for the signed TLS certificates on several Netgear routers are publicly available. With these private keys, an attacker could decrypt any traffic passing through the device.

These keys could be downloaded from Netgear’s support website without any authentication. No patch has been released for this firmware flaw.

A recommended solution is to flash your router with the open-source DD-WRT firmware, to avoid any bugs or backdoors in Netgear’s system.
