Description

The remote proxy server can be used to connect to arbitrary ports.
The proxy allows everyone to perform HTTP requests to arbitrary ports, such as: 

GET http://www.acunetix.com:25
This may allow attackers to bypass your firewall and connect to sensitive ports like 23 (telnet), 25 (sendmail) using the proxy.

Remediation

Restrict proxy access to valid users and/or hosts. Deny access to non-authorized ports.

References

Wikipedia Open proxy

Wikipedia Web proxy

Related Vulnerabilities

View state MAC disabled

PHP open_basedir is not set

RC4 cipher suites detected

Tornado debug mode

JWT weak secret key

Severity

High

Classification

CWE-16 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Tags

Configuration Network Alert