CVE-2025-34451

UNKNOWN 0.0

rofl0r/proxychains-ng <= 4.17 Stack-based Buffer Overflow

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

rofl0r/proxychains-ng versions up to and including 4.17 and prior to commit cc005b7 contain a stack-based buffer overflow vulnerability in the function proxy_from_string() located in src/libproxychains.c. When parsing crafted proxy configuration entries containing overly long username or password fields, the application may write beyond the bounds of fixed-size stack buffers, leading to memory corruption or crashes. This vulnerability may allow denial of service and, under certain conditions, could be leveraged for further exploitation depending on the execution environment and applied mitigations.

CWE	CWE-121
Vendor	rofl0r
Product	proxychains-ng
Published	Dec 18, 2025
Last Updated	Mar 23, 2026

Stay Ahead of the Next One

Get instant alerts for rofl0r proxychains-ng

Be the first to know when new unknown vulnerabilities affecting rofl0r proxychains-ng are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

rofl0r / proxychains-ng

0 ≤ 4.17

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-008-proxychains-ng-stack-buffer-overflow-proxy_from_string.md github.com: https://github.com/rofl0r/proxychains-ng/issues/606 github.com: https://github.com/httpsgithu/proxychains-ng/commit/cc005b7 vulncheck.com: https://www.vulncheck.com/advisories/rofl0r-proxychains-ng-stack-based-buffer-overflow

Credits

Vlatko Kosturjak with Marlink Cyber