Unrated severityOSV Advisory· Published Dec 18, 2025· Updated Mar 23, 2026

rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow

CVE-2025-34451

Description

rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations.

Affected products

Httpsgithu/Proxychains NgOSV
Range: v4.1, v4.10, v4.11, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/httpsgithu/proxychains-ng/commit/cc005b7mitrepatch
github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.mdmitretechnical-descriptionexploit
www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflowmitrethird-party-advisory
github.com/rofl0r/proxychains-ng/issues/606mitreissue-tracking

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000