WebWasher Information for VU#150227
HTTP proxy default configurations allow arbitrary TCP connections
This problem has been fixed with the newest releases of WebWasher EE.
General Availability (GA) release: WebWasher Proxy 3.4.1 Build 175
First Customer Shipment (FCS) release: WebWasher 4.0.0 Build 177
We fixed the problem end of July  and that all version we released since contain this fix.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.