CVE-2024-40317
📋 TL;DR
This reflected cross-site scripting (XSS) vulnerability in MyNET allows attackers to inject malicious scripts into web pages by manipulating HTTP parameters. When users visit a specially crafted URL, the attacker can execute arbitrary JavaScript in their browser session. All users of MyNET up to version 26.08 are affected.
💻 Affected Systems
- MyNET
📦 What is this software?
Mynet by Airc
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal session cookies, perform actions as the authenticated user, redirect to malicious sites, or install malware via drive-by downloads.
Likely Case
Session hijacking, credential theft, or defacement of the application interface through injected content.
If Mitigated
Limited impact if proper input validation and output encoding are implemented, though some user interaction would still be required.
🎯 Exploit Status
The exploit requires user interaction (clicking a malicious link) but is trivial to craft once the vulnerable parameter is identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://www.airc.pt/solucoes-servicos/solucoes?segment=MYN
Restart Required: No
Instructions:
Check the vendor advisory for patch availability. If a patch exists, apply it according to vendor instructions. Otherwise, implement workarounds.
🔧 Temporary Workarounds
Web Application Firewall (WAF) Rules
Implement WAF rules to block XSS payloads in HTTP parameters
Input Validation
Implement server-side validation to sanitize or reject malicious input in HTTP parameters
🧯 If You Can't Patch
- Implement Content Security Policy (CSP) headers to restrict script execution
- Use browser security features like HttpOnly and Secure flags for cookies
🔍 How to Verify
Check if Vulnerable:
Test by injecting a simple XSS payload like <script>alert('test')</script> into HTTP parameters and observing whether it executes
Check Version:
Check MyNET version in administration interface or configuration files
Verify Fix Applied:
Retest with the same payload after implementing fixes; the script should not execute
📡 Detection & Monitoring
Log Indicators:
- Unusual parameter values containing script tags or JavaScript code
- Multiple failed XSS attempts
Network Indicators:
- HTTP requests with suspicious parameter values containing script elements
SIEM Query:
source="web_logs" AND (param="*<script>*" OR param="*javascript:*")
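As an added example (not part of the original advisory), the detection logic behind the SIEM query above, run over constructed sample access-log lines in Python. It goes one step beyond the literal query by URL-decoding parameter values before matching, so single- and double-encoded forms of the same two indicators are caught; the log lines and parameter names are assumptions, not real MyNET traffic.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample access-log lines (combined-log style, not real MyNET traffic).
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /search?q=printer HTTP/1.1" 200 512',
    '10.0.0.7 - - [01/Jan/2024:10:00:01 +0000] "GET /search?q=<script>alert(1)</script> HTTP/1.1" 200 734',
    '10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 734',
    '10.0.0.7 - - [01/Jan/2024:10:00:03 +0000] "GET /search?q=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 734',
    '10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /page?next=javascript:alert(1) HTTP/1.1" 302 0',
]

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# The same two indicators the page's SIEM query uses, tolerant of case and whitespace.
XSS_INDICATORS = re.compile(r"<\s*script|javascript\s*:", re.IGNORECASE)


def literal_match(log_line):
    """What the page's SIEM query does: a plain substring match on the raw line."""
    return "<script>" in log_line or "javascript:" in log_line


def decode_fully(value, max_rounds=3):
    """URL-decode repeatedly (bounded) so %253C -> %3C -> < is seen as '<'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(log_line):
    """Return [(name, decoded_value)] for query parameters carrying an XSS indicator."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    query = urlsplit(match.group("target")).query
    hits = []
    # parse_qsl removes one layer of encoding; decode_fully handles double-encoded payloads.
    for name, raw in parse_qsl(query, keep_blank_values=True):
        value = decode_fully(raw)
        if XSS_INDICATORS.search(value):
            hits.append((name, value))
    return hits


def scan_logs(lines):
    """Map line index -> suspicious parameters, for lines that have any."""
    return {i: hits for i, line in enumerate(lines) if (hits := suspicious_params(line))}
```

Lines 2 and 3 of the sample set carry the same payload as line 1 in encoded form; the literal substring match misses them, the decoding scanner does not.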