CVE-2024-35322 – MyNET up to version 26.08 contains a reflected ... (How to Fix)

Q: What is the severity of CVE-2024-35322?

CVE-2024-35322 has a CVSS score of 6.1 (MEDIUM). MyNET up to version 26.08 contains a reflected cross-site scripting (XSS) vulnerability in the ficheiro parameter. Attackers can inject malicious scripts that execute in victims' browsers when they visit crafted URLs. This affects all users of vulnerable MyNET installations.

📋 TL;DR

MyNET up to version 26.08 contains a reflected cross-site scripting (XSS) vulnerability in the ficheiro parameter. Attackers can inject malicious scripts that execute in victims' browsers when they visit crafted URLs. This affects all users of vulnerable MyNET installations.

💻 Affected Systems

Products:

MyNET

Versions: Up to and including v26.08

Operating Systems: All platforms running MyNET

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in the ficheiro parameter handling; all deployments with this parameter exposed are affected.

📦 What is this software?

Mynet by Airc

View all CVEs affecting Mynet →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers steal session cookies, perform actions as authenticated users, redirect to malicious sites, or install malware via drive-by downloads.

🟠

Likely Case

Session hijacking, credential theft, or defacement of web pages through script injection.

🟢

If Mitigated

Limited impact if input validation, output encoding, and Content Security Policy are properly implemented.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit requires user interaction (clicking malicious link) but is trivial to craft; public exploit code is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.airc.pt/solucoes-servicos/solucoes?segment=MYN

Restart Required: No

Instructions:

1. Check vendor advisory for updates. 2. Upgrade to a version above 26.08 if available. 3. Apply input validation and output encoding to the ficheiro parameter.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rule

all

Block or sanitize requests containing malicious scripts in the ficheiro parameter.

WAF-specific configuration required

Input Validation Filter

all

Implement server-side validation to reject or sanitize suspicious input in the ficheiro parameter.

Application-specific code implementation

🧯 If You Can't Patch

Implement strict Content Security Policy (CSP) headers to mitigate script execution.
Disable or restrict access to the vulnerable endpoint if not essential.

🔍 How to Verify

Check if Vulnerable:

Test by injecting a script payload into the ficheiro parameter (e.g., ?ficheiro=<script>alert('XSS')</script>) and check if it executes.

Check Version:

Check MyNET version in application interface or configuration files; specific command depends on deployment.

Verify Fix Applied:

After applying fixes, repeat the test; script should not execute and input should be sanitized or blocked.

📡 Detection & Monitoring

Log Indicators:

HTTP requests with script tags or encoded payloads in the ficheiro parameter
Unusual parameter values in access logs

Network Indicators:

Malicious URLs containing script injections in ficheiro parameter
Traffic patterns indicating XSS exploitation attempts

SIEM Query:

Example: source="web_logs" AND uri_query="*ficheiro=*script*"

📊 Metadata

CVE ID: CVE-2024-35322

CVSS v3 Score: 6.1 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE: CWE-79

EPSS Score: 0.04% exploit probability (13.2th percentile)

Published: December 24, 2025

Last Updated: December 31, 2025

🔗 References

https://miguelsantareno.github.io/airc_exploit.txt Exploit,Third Party Advisory
https://www.airc.pt/solucoes-servicos/solucoes?segment=MYN Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-35322, you might also want to check these: