Security misconfiguration exist in HA Proxy Statistics. The data is accessible by anyone, The HAProxy Stats page provides real-time feed of data about the proxied services and state.
Recommendation
Remove or restrict the access to HA Proxy Statistics page