ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL
Description
ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOWN, the receiver MUST ignore any address fields that follow it, because the proxy has declared it cannot determine the client identity. ProxySQL parses those address fields anyway via sscanf and writes the spoofed source address into the session's addr.addr field. From there it flows directly into the query-rule matcher, where the client_addr predicate decides routing and ACL.

When mysql-proxy_protocol_networks = '*' (the default), any TCP peer can send a PP1 frame and choose any source IP claim. With that, any mysql_query_rules row pinned to a client_addr value is forgeable: the attacker writes the address they want to match into the PP1 line, and ProxySQL routes their query as if it came from that address.

In practice this is a routing and ACL bypass. Real deployments use client_addr for read-write splitting (internal apps go to the primary, public traffic to read replicas), per-app schema pinning, and query-filter rules (DDL allowed only from admin CIDR, public queries blocked from dangerous patterns). An attacker that can reach the frontend port can forge their way into any of those routes.

Version 3.0.9 patches this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability mechanics
Root cause
"The PROXY protocol v1 parser unconditionally parses address fields even when the protocol token is `UNKNOWN`, allowing an attacker to supply a forged source IP that the specification requires be ignored."
Attack vector
An attacker with TCP access to ProxySQL's MySQL frontend sends a `PROXY UNKNOWN <forged-IP> ...\r\n` frame [ref_id=1]. The parser calls `sscanf` on the entire line regardless of the `UNKNOWN` token, writing the attacker-chosen source address into the session's `addr.addr` field [CWE-348]. When `mysql-proxy_protocol_networks = '*'` (the default), no source-network restriction is enforced on PP1 headers. The forged IP then flows into `mysql_query_rules.client_addr` matching, allowing the attacker to trigger any rule pinned to a specific IP value, bypassing routing and ACL boundaries [CWE-863].
Affected code
lib/proxy_protocol_info.cpp:43-62 (the PROXY protocol v1 parser) accepts address fields even after a `PROXY UNKNOWN` token, lib/mysql_data_stream.cpp:1289-1299 overwrites the session's `addr.addr` with that forged value, and lib/Query_Processor.cpp:299-336 / :1776-1791 uses the spoofable `client_myds->addr.addr` string in `mysql_query_rules.client_addr` matching.
What the fix does
The patch removes the `UNKNOWN` case from the `sscanf` parsing path in `lib/proxy_protocol_info.cpp` [ref_id=1]. When the protocol token is `UNKNOWN`, the function now returns `true` without parsing any address fields, leaving `addr.addr` untouched so downstream code sees the real TCP peer identity. This matches the HAProxy v1 spec requirement that receivers MUST ignore address fields after `UNKNOWN`. The secondary `memcmp` prefix-match issue (accepting `TCP4xyz`) is also eliminated because the fix restricts address parsing to only `TCP4` and `TCP6`.
Preconditions
- config: The ProxySQL config `mysql-proxy_protocol_networks` must be set to `'*'` (default) or include the attacker's network
- config: At least one `mysql_query_rules` row must define a `client_addr` predicate that the attacker wishes to match
- network: The attacker must be able to open a TCP connection to the ProxySQL MySQL frontend port
- input: The attacker sends a `PROXY UNKNOWN ...` line before any MySQL protocol data
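The following is an added illustration of the spec-conforming behaviour described under "What the fix does" and of the two configuration preconditions above; it is not ProxySQL's code and does not reproduce its types or its `client_addr` matcher. It assumes a minimal `PeerAddr` session field, an IPv4-only allow-list standing in for `mysql-proxy_protocol_networks`, and an exact-string `client_addr` comparison (all assumptions). A `PROXY UNKNOWN ...` line leaves the real TCP peer in place, the protocol token is compared exactly so `TCP4xyz` is rejected rather than prefix-matched, and a PP1 line from a peer outside the allow-list is refused.

```cpp
#include <arpa/inet.h>
#include <cstdint>
#include <string>
#include <vector>

// Illustrative types only; these are not ProxySQL's own structures.
struct PeerAddr { std::string ip; uint16_t port = 0; };

enum class PP1Outcome { NotPP1, Rejected, Malformed, UnknownKeepPeer, Parsed };
struct PP1Parse { PP1Outcome outcome; PeerAddr effective; };

// IPv4 allow-list check modelling mysql-proxy_protocol_networks (assumed semantics):
// '*' trusts every peer; otherwise the peer must fall inside one of the CIDRs.
static bool peer_may_send_pp1(const std::string& peer_ip, const std::vector<std::string>& networks) {
  in_addr peer{};
  if (inet_pton(AF_INET, peer_ip.c_str(), &peer) != 1) return false;
  for (const std::string& net : networks) {
    if (net == "*") return true;
    size_t slash = net.find('/');
    if (slash == std::string::npos) continue;
    in_addr base{};
    if (inet_pton(AF_INET, net.substr(0, slash).c_str(), &base) != 1) continue;
    int bits = std::stoi(net.substr(slash + 1));
    if (bits < 0 || bits > 32) continue;
    uint32_t mask = bits == 0 ? 0 : htonl(0xFFFFFFFFu << (32 - bits));
    if ((peer.s_addr & mask) == (base.s_addr & mask)) return true;
  }
  return false;
}

// PP1 fields are separated by exactly one space.
static std::vector<std::string> split_on_space(const std::string& s) {
  std::vector<std::string> f; std::string cur;
  for (char c : s) { if (c == ' ') { f.push_back(cur); cur.clear(); } else cur += c; }
  f.push_back(cur);
  return f;
}

static bool parse_port(const std::string& s, uint16_t& out) {
  if (s.empty() || s.size() > 5) return false;
  unsigned v = 0;
  for (char c : s) { if (c < '0' || c > '9') return false; v = v * 10 + (c - '0'); }
  if (v > 65535) return false;
  out = static_cast<uint16_t>(v);
  return true;
}

// Spec-conforming PP1 header parse. `tcp_peer` is the real socket peer and is
// what the session keeps whenever the header gives no usable identity.
PP1Parse parse_pp1_header(const std::string& raw, const PeerAddr& tcp_peer,
                          const std::vector<std::string>& networks) {
  PP1Parse r{PP1Outcome::NotPP1, tcp_peer};
  if (raw.compare(0, 6, "PROXY ") != 0) return r;            // not a PP1 frame at all
  if (!peer_may_send_pp1(tcp_peer.ip, networks)) {          // untrusted peer: refuse the header
    r.outcome = PP1Outcome::Rejected;
    return r;
  }
  r.outcome = PP1Outcome::Malformed;
  // A v1 header is at most 107 bytes and must end in CRLF.
  if (raw.size() > 107 || raw.size() < 8 || raw.compare(raw.size() - 2, 2, "\r\n") != 0) return r;
  std::vector<std::string> f = split_on_space(raw.substr(0, raw.size() - 2));
  if (f.size() < 2) return r;
  if (f[1] == "UNKNOWN") {
    // Spec: everything after UNKNOWN is ignored; the session keeps the real TCP peer.
    r.outcome = PP1Outcome::UnknownKeepPeer;
    return r;
  }
  // Exact token comparison: "TCP4xyz" is not TCP4 (a prefix memcmp would accept it).
  int family;
  if (f[1] == "TCP4") family = AF_INET;
  else if (f[1] == "TCP6") family = AF_INET6;
  else return r;
  if (f.size() != 6) return r;
  unsigned char buf[16];
  if (inet_pton(family, f[2].c_str(), buf) != 1 || inet_pton(family, f[3].c_str(), buf) != 1) return r;
  uint16_t sport = 0, dport = 0;
  if (!parse_port(f[4], sport) || !parse_port(f[5], dport)) return r;
  r.effective = PeerAddr{f[2], sport};
  r.outcome = PP1Outcome::Parsed;
  return r;
}

// Stand-in for a client_addr predicate (assumed exact-match semantics): the first
// rule whose client_addr equals the effective address wins, else the default hostgroup.
struct QueryRule { std::string client_addr; int destination_hostgroup; };

int route_hostgroup(const std::vector<QueryRule>& rules, const PeerAddr& effective, int default_hg) {
  for (const QueryRule& q : rules)
    if (q.client_addr == effective.ip) return q.destination_hostgroup;
  return default_hg;
}
```

The routing step is the check that matters operationally: with the spec-conforming parse, a rule pinned to `10.0.0.5` is only reached when the effective address really is `10.0.0.5`, which for a `PROXY UNKNOWN` frame means the true socket peer, and restricting the allow-list to the load balancer's network keeps any other peer's PP1 line from being honoured at all.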
Generated on Jun 20, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/sysown/proxysql/releases/tag/v3.0.9
- github.com/sysown/proxysql/security/advisories/GHSA-gw94-85m2-x8v2