CVE-2017-18811
Description
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR ReadyNAS OS 6 devices running firmware prior to 6.8.0 are affected by a stored cross-site scripting (XSS) vulnerability.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in NETGEAR ReadyNAS OS 6 devices running firmware versions prior to 6.8.0 [1]. The vulnerability is in the web interface: an authenticated, highly privileged user can inject malicious scripts that are stored on the device and later executed in other users' browsers when they access the affected page.
Exploitation
An attacker must have authenticated access to the ReadyNAS device with high privileges (administrator-level) [1]. The attacker then submits crafted input containing malicious script code, which is stored on the device without proper sanitization. When another user (including one with lower privileges) views the affected page, the injected script executes in their browser, potentially allowing the attacker to perform actions in the context of that user.
Impact
Successful exploitation leads to stored cross-site scripting, enabling the attacker to execute arbitrary JavaScript in the context of the victim's session. This can result in disclosure of session tokens, manipulation of web content, or limited loss of integrity and availability (CVSS v3 score 5.2, medium severity) [1]. The attacker gains the ability to impersonate the victim or perform actions on their behalf within the application.
Mitigation
NETGEAR has released fixed firmware version 6.8.0 to address this vulnerability [1]. All ReadyNAS OS 6 devices should be updated to version 6.8.0 or later as soon as possible. There is no stated workaround for unpatched versions. Users should download the firmware from NETGEAR Support and follow the installation instructions provided in the product documentation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- NETGEAR/ReadyNAS OS 6
Patches
No patches discovered yet.
References