Prosody Unauthenticated Access Control Vulnerability in SOCKS5 Proxy (mod_proxy65)

Vulnerability

A vulnerability allowing unauthenticated use of the SOCKS5 proxy module (mod_proxy65) has been identified in Prosody versions prior to 0.12.6, and in versions from 13.0.0 up to but not including 13.0.5. The issue arises from improper access control in mod_proxy65, which can lead to unauthorized relaying of traffic. All deployments with mod_proxy65 enabled are affected, although the module is not enabled by default.

Impact

Exploitation of this vulnerability allows for unauthorized use of the SOCKS5 proxy, enabling relaying of traffic through the Prosody server without authentication.

Remediation

Users can upgrade to Prosody 0.12.6 or 13.0.5 to address this vulnerability. If mod_proxy65 is not needed, it can be disabled, although this may affect certain file transfer functionalities.
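
An exposure check for the remediation guidance above, as an added example that is not Prosody's or this advisory's own code: it flags a host only when the version is in an affected range and mod_proxy65 is actually enabled, ignoring commented-out entries. The regex-based reading of prosody.cfg.lua is a heuristic, and the sample configurations and hostnames are constructed.

```python
import re

FIXED_0_12 = (0, 12, 6)  # fixed releases named in the advisory above
FIXED_13_0 = (13, 0, 5)

def parse_version(text):
    """'Prosody 0.12.5' -> (0, 12, 5); missing components become 0."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def version_affected(text):
    """Affected per the advisory: < 0.12.6, or 13.0.0 <= v < 13.0.5."""
    v = parse_version(text)
    return v < FIXED_0_12 or (13, 0, 0) <= v < FIXED_13_0

def strip_lua_comments(cfg):
    """Heuristic: drops --[[ ]] blocks, then -- line comments."""
    cfg = re.sub(r"--\[\[.*?\]\]", "", cfg, flags=re.S)
    return re.sub(r"--[^\n]*", "", cfg)

def proxy65_enabled(cfg):
    """True if proxy65 is loaded as a Component or listed in modules_enabled."""
    cfg = strip_lua_comments(cfg)
    if re.search(r'''Component\s*["'][^"']+["']\s*["']proxy65["']''', cfg):
        return True
    lists = re.findall(r"modules_enabled\s*=\s*\{(.*?)\}", cfg, flags=re.S)
    return any(re.search(r'''["']proxy65["']''', body) for body in lists)

def needs_action(version_text, cfg):
    """Exposed only when an affected version also has the module enabled."""
    return version_affected(version_text) and proxy65_enabled(cfg)

# Constructed sample configurations (hostnames are placeholders).
SAMPLE_COMMENTED = '''
modules_enabled = {
    "roster";
    "saslauth";
    --"proxy65"; -- file transfer proxy, left disabled
}
'''
SAMPLE_COMPONENT = '''
modules_enabled = { "roster"; "saslauth"; }
Component "proxy.example.com" "proxy65"
'''

if __name__ == "__main__":
    for name, cfg in (("commented", SAMPLE_COMMENTED), ("component", SAMPLE_COMPONENT)):
        for ver in ("0.12.5", "13.0.4", "13.0.5"):
            print(name, ver, "ACTION NEEDED" if needs_action(ver, cfg) else "ok")
```

Pass it the version string your installation reports and the contents of your own prosody.cfg.lua.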

Added: May 1, 2026, 3:22 PM
Updated: May 1, 2026, 3:22 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 0.6
exploitability: 7.6
remediation: 7.9
relevance: 7.2
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.