CVE-2017-18812
Description
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR ReadyNAS OS 6 devices prior to 6.8.0 are vulnerable to stored cross-site scripting, allowing authenticated attackers to inject malicious scripts.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in NETGEAR ReadyNAS OS 6 devices running firmware versions prior to 6.8.0 [1]. The vulnerability allows an authenticated attacker to inject arbitrary web script or HTML into the device's web interface, which is then stored and executed in the context of other users' sessions. Affected models include all ReadyNAS OS 6 devices [1].
Exploitation
To exploit this vulnerability, an attacker must have authenticated access to the ReadyNAS device with high privileges (e.g., administrator) [1]. The attacker then injects malicious script into a vulnerable input field (e.g., device name, share description) that is stored by the application. When another user (including the attacker) views the affected page, the script executes in their browser. The CVSS vector indicates user interaction is required, meaning the victim must perform an action such as clicking a link or viewing a specific page [1].
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser session. This can lead to session hijacking, defacement, or redirection to malicious sites. The impact is limited to the web interface and does not directly compromise the underlying operating system. The CVSS score is 5.2 (Medium) with low confidentiality, integrity, and availability impacts [1].
Mitigation
NETGEAR has released firmware version 6.8.0 to address this vulnerability [1]. Users are strongly advised to update their ReadyNAS devices to the latest firmware available from NETGEAR Support. No workarounds are provided. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- NETGEAR/ReadyNAS OS 6
Patches
No patches discovered yet.
References