CVE-2017-18813
Description
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR ReadyNAS OS 6 devices prior to 6.8.0 are vulnerable to stored cross-site scripting (XSS), allowing authenticated attackers to inject malicious scripts.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in NETGEAR ReadyNAS OS 6 devices running firmware versions prior to 6.8.0. The flaw allows an attacker with administrative privileges to inject arbitrary JavaScript or HTML into the web interface, which is then stored and executed in the context of other users' sessions. All ReadyNAS OS 6 models are affected [1].
Exploitation
To exploit this vulnerability, an attacker must have local access to the device and possess high privileges (e.g., administrator). The attacker injects malicious script into a stored field (e.g., share name, description) that is later rendered without proper sanitization. Successful exploitation requires user interaction, such as an administrator viewing the affected page. The CVSS vector indicates a local attack vector with high privileges and user interaction required [1].
Impact
A successful attack leads to low impact on confidentiality, integrity, and availability. The attacker can execute arbitrary script in the context of the victim's browser, potentially stealing session cookies, defacing the interface, or performing actions on behalf of the victim. The scope is changed, meaning the injected script can affect resources beyond the vulnerable component [1].
Mitigation
NETGEAR released firmware version 6.8.0 to address this vulnerability. Users are strongly advised to update their ReadyNAS OS 6 devices to the latest firmware as soon as possible. The update can be obtained from the NETGEAR Support website. No workarounds are provided; the vulnerability is only fixed by upgrading [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- NETGEAR/ReadyNAS OS 6
Patches
No patches discovered yet.
References (1)
News mentions
No linked articles in our index yet.