The remote proxy server can be used to send CONNECT requests.
The proxy allows everyone to perform CONNECT HTTP requests to arbitrary ports, such as:
CONNECT www.acunetix.com:25This may allow attackers to bypass your firewall and connect to sensitive ports like 23 (telnet), 25 (sendmail) using the proxy. A spammer may be using your proxy to send bulk email.
- Restrict proxy access to valid users and/or hosts. Deny CONNECT requests.