VYPR
Unrated severity · NVD Advisory · Published Apr 20, 2020 · Updated Aug 5, 2024

CVE-2017-18825

Description

Certain NETGEAR devices are affected by stored XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before 12.0.2.15, M4300-48X before 12.0.2.15, and M4200 before 12.0.2.15.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stored cross-site scripting in the web management interface of NETGEAR M4300 and M4200 switches running firmware earlier than 12.0.2.15 lets an attacker who already holds administrative access inject script that is persisted on the device and later executes in the browser of another user of the interface.

Vulnerability

A stored cross-site scripting (XSS) vulnerability exists in the web interface of multiple NETGEAR fully managed switch models, including M4300-28G, M4300-52G, M4300-28G-POE+, M4300-52G-POE+, M4300-8X8F, M4300-12X12F, M4300-24X24F, M4300-24X, M4300-48X, and M4200, all running firmware versions prior to 12.0.2.15 [1]. The stored XSS allows an attacker to inject arbitrary web script or HTML that is persistently stored on the device and later rendered in the management interface.

Exploitation

Exploitation requires an attacker who already holds high privileges (administrative access) on the device's management interface, plus user interaction from the victim, as the CVSS vector AV:L/AC:L/PR:H/UI:R indicates [1]. The attacker saves malicious script into a stored field via the web interface; the description does not identify which field, but configuration parameters that are later displayed in the interface are the usual candidates. When another administrator or user subsequently views the affected page, the script executes in that viewer's browser, inside their authenticated session.
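The two-step flow described in the Vulnerability and Exploitation sections (one administrator stores the payload, a second administrator's browser renders it) as an added JavaScript example. This is not NETGEAR firmware code; it models a generic management-UI page. The "port description" field, the `/admin/api` endpoint, and the sample rows are assumptions, since the description does not say which stored field on the M4300/M4200 web UI is affected. The block shows the vulnerable rendering next to the escaped one and a check a reviewer can run on rendered output.

```javascript
// Added example; not NETGEAR firmware code. A persisted setting is written by
// one administrator and rendered, unescaped, to the next viewer. The "port
// description" field is a hypothetical stand-in for the affected stored field.

// Escape a value for the HTML text-node context. These five characters are
// the ones that can open or close markup or attribute values there.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable rendering: the stored value is concatenated straight into markup,
// so whatever the earlier administrator typed becomes part of the DOM.
function renderPortTableUnsafe(ports) {
  const rows = ports.map(
    (p) => `<tr><td>${p.id}</td><td>${p.description}</td></tr>`
  );
  return `<table>${rows.join("")}</table>`;
}

// Hardened rendering: every untrusted value is escaped for the context it
// lands in before it is concatenated.
function renderPortTableSafe(ports) {
  const rows = ports.map(
    (p) => `<tr><td>${escapeHtml(p.id)}</td><td>${escapeHtml(p.description)}</td></tr>`
  );
  return `<table>${rows.join("")}</table>`;
}

// Constructed sample data. Port 1/0/2 carries the payload a malicious
// administrator saved in step 1. An <img onerror> handler is used rather than
// <script> because browsers do not execute <script> elements inserted through
// innerHTML, but they do fire event handlers. When a second administrator
// opens the page (step 2), the handler runs with that person's session and
// can call the management API as them. "/admin/api" is a hypothetical path.
const XSS_PAYLOAD =
  '<img src=x onerror="fetch(\'/admin/api\',{method:\'POST\',body:\'...\'})">';

const storedPorts = [
  { id: "1/0/1", description: "Uplink to core" },
  { id: "1/0/2", description: XSS_PAYLOAD },
];

// Reviewer check on rendered output: an element with an on* event-handler
// attribute must not survive rendering of an untrusted value. The [^>]* keeps
// the match inside a single tag, so escaped text such as "onerror=&quot;"
// that merely sits between the template's own <td> tags does not match.
function containsLiveMarkup(html) {
  return /<[a-z][^>]*\bon[a-z]+\s*=/i.test(html);
}

console.log("unsafe page has live handler:", containsLiveMarkup(renderPortTableUnsafe(storedPorts)));
console.log("safe page has live handler:  ", containsLiveMarkup(renderPortTableSafe(storedPorts)));
```

The escaping here is for the text-node context only; a value placed inside an attribute, a URL, or a script block needs the encoder for that context, which is why the hardened renderer escapes at the point of insertion rather than on save.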

Impact

Successful exploitation could lead to partial compromise of confidentiality, integrity, and availability (CVSS v3 base score 5.2, Medium) [1]. The attacker could potentially perform actions within the context of the victim's session, such as altering device settings or exfiltrating sensitive information displayed in the management interface.

Mitigation

The vulnerability is fixed in firmware version 12.0.2.15 for all affected models [1]. Users should update to the latest firmware via NETGEAR Support. No workaround is described; the vendor strongly recommends applying the update. Until it is applied, the practical exposure is bounded by who holds administrative access to the management interface, since that is the privilege the injection requires, and the installed firmware should be verified against 12.0.2.15 after the update rather than assumed.
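Applying the "before 12.0.2.15" condition from the description to a device inventory, as an added example that is not NETGEAR tooling. The model names and the fixed version come from the description; the inventory rows and hostnames are constructed sample data. The point worth seeing is the version comparison: firmware strings must be compared component by component as integers, because a plain string compare sorts "12.0.10.1" below "12.0.2.15" and would report a patched switch as still vulnerable.

```javascript
// Added example; not NETGEAR tooling. Flags inventory entries that match the
// affected models and firmware range given in the CVE description.

const FIXED_VERSION = "12.0.2.15";

// Exactly the models the description lists.
const AFFECTED_MODELS = new Set([
  "M4300-28G", "M4300-52G", "M4300-28G-POE+", "M4300-52G-POE+",
  "M4300-8X8F", "M4300-12X12F", "M4300-24X24F", "M4300-24X", "M4300-48X",
  "M4200",
]);

// Compare dotted firmware strings numerically, component by component,
// returning -1, 0 or 1. Missing trailing components count as 0, so
// "12.0.2" sorts below "12.0.2.15". Non-numeric components are an error
// rather than a silent "not affected".
function compareVersions(a, b) {
  const pa = String(a).trim().split(".");
  const pb = String(b).trim().split(".");
  const n = Math.max(pa.length, pb.length);
  for (let i = 0; i < n; i++) {
    const x = i < pa.length ? Number(pa[i]) : 0;
    const y = i < pb.length ? Number(pb[i]) : 0;
    if (!Number.isInteger(x) || !Number.isInteger(y)) {
      throw new Error(`unparseable firmware version: ${a} / ${b}`);
    }
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// True when the model is in the affected list and the firmware predates the
// fix. Model matching is exact after upper-casing; variants the description
// does not list are deliberately not matched rather than guessed at.
function isAffected(model, firmware) {
  if (!AFFECTED_MODELS.has(String(model).trim().toUpperCase())) return false;
  return compareVersions(firmware, FIXED_VERSION) < 0;
}

// Return the hostnames from an inventory that still need the update.
function findVulnerable(inventory) {
  return inventory
    .filter((d) => isAffected(d.model, d.firmware))
    .map((d) => d.host);
}

// Constructed sample inventory; hostnames are invented.
const sampleInventory = [
  { host: "sw-core-1", model: "M4300-52G",      firmware: "12.0.2.14" }, // affected
  { host: "sw-core-2", model: "M4300-52G",      firmware: "12.0.2.15" }, // fixed
  { host: "sw-edge-3", model: "M4200",          firmware: "11.0.0.7"  }, // affected
  { host: "sw-edge-4", model: "M4300-28G-POE+", firmware: "12.0.10.1" }, // fixed; a string compare would flag this
  { host: "sw-lab-5",  model: "GS108",          firmware: "1.0.0.1"   }, // not in scope
];

console.log("need update:", findVulnerable(sampleInventory));
```

The inventory source is left to the reader (an asset database export, or the version string collected from each switch); the comparison logic is what the example is meant to pin down.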

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 4

Patches: 0 (no patch links discovered yet)

Vulnerability mechanics: AI mechanics synthesis has not run for this CVE yet.

References: 1

News mentions: 0 (no linked articles in our index yet)