CVE-2025-34451

7.8 HIGH

📋 TL;DR

A stack-based buffer overflow vulnerability exists in proxychains-ng versions up to 4.17, allowing attackers to cause denial of service or potentially execute arbitrary code by crafting malicious proxy configuration entries with overly long username or password fields. This affects all users of proxychains-ng who process untrusted proxy configurations.

💻 Affected Systems

Products:
  • rofl0r/proxychains-ng
Versions: All versions up to and including 4.17, prior to commit cc005b7
Operating Systems: Linux, Unix-like systems, macOS, Windows (if compiled)
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when parsing malicious proxy configuration entries; default configurations are not vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise if an exploit bypasses mitigations such as ASLR and stack canaries.

🟠 Likely Case

Application crash (denial of service) due to memory corruption, potentially disrupting proxy chaining functionality.

🟢 If Mitigated

Application crash with no further impact if modern OS protections (ASLR, stack canaries) are effective.

🌐 Internet-Facing: LOW - proxychains-ng is typically a client-side tool, not directly internet-exposed.
🏢 Internal Only: MEDIUM - risk exists if processing untrusted proxy configurations from internal sources or compromised systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malicious proxy configuration entries; success depends on environment mitigations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit cc005b7 or later

Vendor Advisory: https://github.com/rofl0r/proxychains-ng/commit/cc005b7

Restart Required: No

Instructions:

1. Update proxychains-ng to commit cc005b7 or later.
2. Recompile from source if using custom builds.
3. Replace existing binary with patched version.

🔧 Temporary Workarounds

Restrict Proxy Configuration Sources

all

Only use trusted proxy configuration files; avoid processing configurations from untrusted sources.

Input Validation Script

linux

Use a script to validate proxy configuration entries before passing to proxychains-ng.

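#!/bin/bash
# Validate username/password length in proxy config.
# Assumes proxychains.conf entry layout: type host port [user pass]
MAX_LEN=256
CONF="${1:?usage: $0 <proxychains.conf>}"
[ -r "$CONF" ] || { echo "ERROR: cannot read $CONF"; exit 1; }
# Skip comments and blank lines; fields 4 and 5 carry the credentials.
if awk -v max="$MAX_LEN" '
    /^[[:space:]]*(#|$)/ { next }
    length($4) >= max || length($5) >= max { bad = 1 }
    END { exit !bad }' "$CONF"; then
    echo "ERROR: Config contains overly long fields"
    exit 1
fi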

🧯 If You Can't Patch

  • Disable proxychains-ng usage for untrusted proxy configurations.
  • Implement network segmentation to limit potential impact if exploitation occurs.

🔍 How to Verify

Check if Vulnerable:

Check the proxychains-ng version: a build at version 4.17 or earlier, or from a commit prior to cc005b7, is vulnerable.

Check Version:

proxychains4 --version 2>/dev/null || proxychains --version

Verify Fix Applied:

Verify that the version is later than 4.17 or that the build includes commit cc005b7; test with a safe long field in proxy config to ensure no crash.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes (segmentation faults) in proxychains-ng processes
  • Unusual proxy configuration file access patterns

Network Indicators:

  • Abnormal proxy connection failures following configuration changes

SIEM Query:

process.name:"proxychains" AND event.action:"segmentation fault"
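
One way to apply the crash indicator above to raw syslog, as an added example that is not part of the original advisory or the proxychains-ng project. It assumes the Linux kernel's "segfault at" log line format and that proxychains-ng is preloaded into the proxied program as libproxychains4.so, so the crashing process may be named after that program rather than proxychains; the function name and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: find kernel segfault records that involve proxychains-ng.
# Assumptions: Linux "segfault at ... in module[base+size]" log format and
# the library file name libproxychains4.so.

# Constructed sample log lines (not taken from a real system).
sample_log() {
cat <<'EOF'
Jan 10 09:14:02 host1 kernel: curl[4321]: segfault at 7ffd1c2b3000 ip 00007f3a1b2c4d10 sp 00007ffd1c2b2f00 error 6 in libproxychains4.so[7f3a1b2c0000+6000]
Jan 10 09:15:40 host1 kernel: nginx[812]: segfault at 10 ip 000055d0c0a1b2c3 sp 00007ffe0a0b0c00 error 4 in nginx[55d0c0a00000+120000]
Jan 10 09:17:11 host1 kernel: proxychains4[4400]: segfault at 0 ip 0000561e2a3b1c2d sp 00007ffc0d0e0f00 error 4 in proxychains4[561e2a3b0000+3000]
Jan 10 09:18:00 host1 sshd[900]: Accepted publickey for alice from 10.0.0.5 port 50222 ssh2
EOF
}

# Read log lines on stdin; print pid, process name and faulting module for
# every segfault where either name contains "proxychains".
find_proxychains_crashes() {
    awk '
    / segfault at / {
        comm = ""; pid = ""; module = ""
        for (i = 1; i < NF; i++) {
            # "name[pid]:" is the token directly before "segfault"
            if ($(i + 1) == "segfault" && $i ~ /\[[0-9]+\]:$/) {
                k = index($i, "[")
                comm = substr($i, 1, k - 1)
                pid = substr($i, k + 1, index($i, "]") - k - 1)
            }
            # "in module[base+size]" names the mapping that faulted
            if ($i == "in") {
                k = index($(i + 1), "[")
                module = (k ? substr($(i + 1), 1, k - 1) : $(i + 1))
            }
        }
        if (comm ~ /proxychains/ || module ~ /proxychains/)
            printf "pid=%s comm=%s module=%s\n", pid, comm, module
    }'
}

sample_log | find_proxychains_crashes
```

A build with stack canaries aborts instead of faulting, so the absence of segfault records does not rule out a crash.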
