CVE-2004-0326

professional_gatekeeper 4.7 - Remote Code Execution via Long GET Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2004-0326. PoCs published by Metasploit, kralor, including Metasploit module exploits/windows/proxy/proxypro_http_get.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Proxy-Pro Professional GateKeeper 4.7 via a long HTTP GET request to port 3128, allowing arbitrary code execution.

Description

Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16692

This Metasploit module exploits a stack buffer overflow in Proxy-Pro Professional GateKeeper 4.7 via a long HTTP GET request to port 3128, allowing arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Proxy-Pro Professional GateKeeper 4.7
No auth needed
Prerequisites: Network access to the target on port 3128
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by kralor · cremotewindows
https://www.exploit-db.com/exploits/155

This exploit targets a buffer overflow vulnerability in GateKeeper Pro 4.7's web proxy service (port 3128). It sends a crafted HTTP GET request with a long payload to overwrite the return address and execute shellcode, resulting in remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GateKeeper Pro 4.7
No auth needed
Prerequisites: Network access to the target's web proxy service (port 3128) · Target must be running GateKeeper Pro 4.7
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by kralor · cremotewindows
https://www.exploit-db.com/exploits/23741

This exploit targets a buffer overflow vulnerability in Proxy-Pro Professional GateKeeper 4.7. It crafts a malicious HTTP GET request to overflow the buffer and execute arbitrary shellcode, providing remote code execution (RCE).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Proxy-Pro Professional GateKeeper 4.7
No auth needed
Prerequisites: Network access to the vulnerable GateKeeper proxy · Target must be running GateKeeper Pro 4.7
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/proxy/proxypro_http_get.rb

This Metasploit module exploits a stack buffer overflow in Proxy-Pro Professional GateKeeper 4.7 by sending a maliciously crafted HTTP GET request to port 3128. The exploit leverages a long string to overflow the buffer and execute arbitrary code via a return address overwrite.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Proxy-Pro Professional GateKeeper 4.7
No auth needed
Prerequisites: Network access to the target on port 3128 · Target running Proxy-Pro Professional GateKeeper 4.7
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107755692400728&w=2
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9716
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15277

Scores

EPSS 0.6281
EPSS Percentile 99.1%

Details

Status published
Products (1)
proxy-pro/professional_gatekeeper 4.7
Published Nov 23, 2004
Tracked Since Feb 18, 2026