This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Coolify suffers from **Command Injection** due to improper sanitization of `docker-compose.yaml` parameters.β¦
π‘οΈ **Root Cause**: **CWE-77** (Command Injection). The flaw lies in **improper parameter cleaning** within the `docker-compose.yaml` configuration handling.β¦
π¦ **Affected**: **Coolify** (by coollabsio). Specifically versions **prior to 4.0.0-beta.445**. If you are running an older beta or stable release, you are vulnerable.β¦
β οΈ **Exploitation Threshold**: **Low to Medium**. CVSS indicates **AV:N** (Network) and **AC:L** (Low Complexity). However, it requires **UI:R** (User Interaction) and **PR:N** (No Privileges Required).β¦
π **Public Exploit**: **No PoC provided** in the data. While the vulnerability is confirmed, there is no public Proof-of-Concept code or widespread wild exploitation reported yet. Stay vigilant! π΅οΈββοΈ
Q7How to self-check? (Features/Scanning)
π **Self-Check**: 1. Check your Coolify version (`< 4.0.0-beta.445`). 2. Review `docker-compose.yaml` inputs for unsanitized variables. 3. Monitor system logs for unexpected command executions. 4.β¦
β **Official Fix**: **Yes**. The vendor has released a fix. Update to **Coolify 4.0.0-beta.445** or later. π **Commit**: See GitHub commit `f86ccfaa9af572a5487da8ea46b0a125a4854cf6` for the patch details.
Q9What if no patch? (Workaround)
π§ **No Patch Workaround**: If you cannot update immediately: 1. **Restrict Access**: Limit UI access to trusted IPs. 2. **Input Validation**: Manually sanitize any user-supplied inputs passed to Docker Compose. 3.β¦
π₯ **Urgency**: **HIGH**. CVSS Score is **Critical** (implied by C:H/I:H/A:H). Since it allows remote command execution with no auth required for the vector, patch immediately. Do not delay! β³