CVE-2017-18820

Vulnerability

A stored cross-site scripting (XSS) vulnerability exists in NETGEAR ReadyNAS OS 6 devices running firmware versions prior to 6.8.0. The flaw allows an authenticated attacker with administrative privileges to inject malicious scripts that are stored on the device and later executed in the context of other users' browsers when they access affected pages [1].

Exploitation

To exploit this vulnerability, an attacker must have administrative access to the ReadyNAS device (i.e., a user with high privileges) and the ability to submit crafted input that is not properly sanitized. The attacker then stores the malicious payload, which is later rendered when other users (including other administrators) view the affected interface. User interaction is required for the victim to trigger the script execution [1].

Impact

Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the victim's browser session. This can lead to disclosure of sensitive information, session hijacking, or other client-side attacks. The CVSS v3 score is 5.2 (Medium) with vector CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L, indicating limited impact on confidentiality, integrity, and availability [1].

Mitigation

NETGEAR has released firmware version 6.8.0 to address this vulnerability. Users are strongly advised to update their ReadyNAS OS 6 devices to the latest firmware as soon as possible. No workarounds are provided; the only mitigation is applying the firmware update [1].