CVE-2026-43505
Undergoing Analysis Undergoing Analysis - In Progress

Proxy65 Relay Access Control Bypass in Prosody

Vulnerability report for CVE-2026-43505, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-01

Last updated on: 2026-05-01

Assigner: MITRE

Description

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-01
Last Modified
2026-05-01
Generated
2026-07-06
AI Q&A
2026-05-01
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
prosody prosody to 0.12.6 (exc)
prosody prosody From 13.0.0 (inc) to 13.0.5 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-420 The product protects a primary channel, but it does not use the same level of protection for an alternate channel.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

The provided resources do not include specific detection methods or commands to identify this vulnerability on a network or system.

Executive Summary

CVE-2026-43505 involves two vulnerabilities in the Prosody XMPP server versions prior to 13.0.5 (and 0.12.6 for the 0.12 series). One vulnerability is a Denial of Service (DoS) caused by memory exhaustion, where unauthenticated attackers can send crafted traffic to consume excessive memory due to rate limit weaknesses and resource leaks. The second vulnerability is related to the mod_proxy65 module, which mishandles access control, allowing unauthenticated users to relay traffic through the SOCKS5 proxy without authorization.

Impact Analysis

The vulnerabilities can impact you by allowing unauthenticated attackers to either cause a Denial of Service (DoS) on your Prosody server through memory exhaustion, potentially disrupting service availability, or by enabling unauthorized use of the SOCKS5 proxy (mod_proxy65) to relay traffic. This unauthorized proxy usage could be exploited to bypass network restrictions or anonymize malicious traffic.

Mitigation Strategies

To mitigate the vulnerability in Prosody related to mod_proxy65, you should upgrade to the fixed versions 0.12.6 or 13.0.5.

  • Upgrade Prosody to version 0.12.6 or 13.0.5 or later.
  • Disable the mod_proxy65 module if it is not needed.
  • Review and adjust firewall limits to restrict connection rates and reduce exposure.
Compliance Impact

The provided information does not specify how the vulnerability in Prosody's mod_proxy65 affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43505. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart