The remote proxy may pass local user credentials to a malicious external website.
The remote client is utilizing a WinRoute Proxy. Some versions of this proxy have a bug wherein client Proxy authorization is forwarded to remote web servers. As a result, a malicious web server can retrieve the user's Proxy UserID and password. Versions of Winroute up to 5.1.4 are affected by this vulnerability.
Upgrade to 5.1.4 or later.