Proxy accepts CONNECT requests

Description
  • The remote proxy server accepts HTTP CONNECT requests.
    The proxy allows anyone to issue CONNECT requests to arbitrary ports, for example:
    CONNECT www.acunetix.com:25
    
    This may allow attackers to bypass your firewall and use the proxy to connect to sensitive ports such as 23 (telnet) and 25 (sendmail). A spammer may be using your proxy to send bulk email.
Remediation
  • Restrict proxy access to valid users and/or hosts. Deny CONNECT requests.
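
To check whether the restriction is actually in effect, the proxy's access log can be audited for CONNECT tunnels that were established to unexpected ports or for unexpected clients. The script below is an added example, not part of the original advisory. It assumes a Squid-style native access.log layout; the allowed network, the allowed port set, the function name audit_connect and the sample log lines are all constructed for illustration.

```python
import ipaddress

# Assumptions for this example (not from the original page): adjust to your site.
ALLOWED_CLIENTS = [ipaddress.ip_network("10.0.0.0/8")]  # hosts allowed to use the proxy
ALLOWED_CONNECT_PORTS = {443}                            # tunnel ports allowed, if any

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client result/status bytes method target user hierarchy/peer type
SAMPLE_LOG = """\
1700000000.101    212 10.1.2.3 TCP_TUNNEL/200 5120 CONNECT intranet.example:443 - HIER_DIRECT/192.0.2.10 -
1700000001.202   9031 203.0.113.7 TCP_TUNNEL/200 88211 CONNECT mail.example:25 - HIER_DIRECT/192.0.2.25 -
1700000002.303      1 203.0.113.7 TCP_DENIED/403 3900 CONNECT host.example:23 - HIER_NONE/- text/html
1700000003.404     95 10.1.2.4 TCP_MISS/200 1432 GET http://www.example/ - HIER_DIRECT/192.0.2.80 text/html
1700000004.505    340 10.1.2.5 TCP_TUNNEL/200 700 CONNECT [2001:db8::5]:22 - HIER_DIRECT/2001:db8::5 -
"""


def audit_connect(log_text):
    """Return (client, host, port, reasons) for each CONNECT tunnel that was opened
    to a disallowed port or for a client outside the allowed networks."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "CONNECT":
            continue
        client, result, target = fields[2], fields[3], fields[6]
        if not result.rpartition("/")[2].startswith("2"):
            continue  # denied or failed: no tunnel was established
        host, _, port_text = target.rpartition(":")
        try:
            port = int(port_text)
            addr = ipaddress.ip_address(client)
        except ValueError:
            continue  # malformed entry, skip it
        reasons = []
        if port not in ALLOWED_CONNECT_PORTS:
            reasons.append("port")
        if not any(addr in net for net in ALLOWED_CLIENTS):
            reasons.append("client")
        if reasons:
            findings.append((client, host, port, tuple(reasons)))
    return findings


if __name__ == "__main__":
    for finding in audit_connect(SAMPLE_LOG):
        print(finding)
```

If CONNECT is denied outright, as the remediation suggests, set ALLOWED_CONNECT_PORTS to an empty set so that every established tunnel is reported.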