CVE-2017-18816
Description
NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
NETGEAR ReadyNAS OS 6 devices before version 6.8.0 are vulnerable to stored XSS, allowing an authenticated high-privilege attacker to inject scripts that execute in other users' browsers.
Vulnerability
A stored cross-site scripting (XSS) vulnerability exists in NETGEAR ReadyNAS OS 6 devices running firmware versions prior to 6.8.0 [1]. The vulnerability allows an attacker with administrative privileges to inject malicious scripts into the web interface, which are then stored and served to other users when they access the affected page.
Exploitation
To exploit this vulnerability, an attacker must have administrative access to the ReadyNAS device (high privileges) and then inject a crafted script into a vulnerable input field. The stored script then executes in the browser of any user who views the affected page, so user interaction (e.g., clicking a link or viewing the page) is required [1]. The CVSS vector indicates that local access (AV:L) and user interaction (UI:R) are required.
Impact
Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's session. This can lead to information disclosure, session hijacking, or other actions performed as the victim user. The CVSS score of 5.2 (Medium) reflects low impact on confidentiality, integrity, and availability, with a changed scope [1].
Mitigation
NETGEAR has released firmware version 6.8.0, which fixes this vulnerability. Users are strongly advised to update their ReadyNAS OS 6 devices to the latest firmware as soon as possible [1]. No workarounds are provided in the advisory.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- NETGEAR/ReadyNAS OS
Patches
No patches discovered yet.
References (1)
News mentions
No linked articles in our index yet.