Impact
A flaw in Coolify allows an authenticated user to inject arbitrary commands into the Nixpacks build process. The install_command value supplied by the user is concatenated directly into a shell command that is executed on the deployment host, so an attacker can run host-level instructions with full system privileges. This permits compromise of the underlying machine and jeopardizes the confidentiality, integrity, and availability of every service running on that host.
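The root cause described above is an argument-boundary problem, illustrated here with an added example that is not Coolify's own code (the nixpacks invocation and its --install-cmd flag are assumed for the illustration): building a shell string by concatenation lets shell metacharacters in the user value escape the argument, whereas passing the value as one argv element keeps it intact.

```python
import shlex

# Constructed sample value: a legitimate-looking install command that happens
# to contain shell operators. Inside the build it is meant to be a shell
# command; on the deployment host it must never be parsed by a shell.
SAMPLE_INSTALL_CMD = "npm ci && echo done"


def unsafe_build_command(install_cmd: str) -> str:
    # Vulnerable pattern from the advisory: user input concatenated straight
    # into a host-side shell string. Everything after the first space, and
    # every '&&', ';' or '|' in the value, is interpreted by the host shell.
    return "nixpacks build . --install-cmd " + install_cmd


def safe_build_argv(install_cmd: str) -> list[str]:
    # Hardened form: the user value is exactly one argv element. No host shell
    # ever tokenizes it, so operators inside it have no meaning on the host.
    return ["nixpacks", "build", ".", "--install-cmd", install_cmd]


def safe_build_command(install_cmd: str) -> str:
    # When a shell string is unavoidable (e.g. the command is sent over SSH to
    # the deploy host, as assumed here), quote every element explicitly.
    return shlex.join(safe_build_argv(install_cmd))


def host_shell_tokens(command_line: str) -> list[str]:
    # Approximates how a POSIX shell would split the line into words
    # (quotes respected, whitespace separates). Used to compare both forms.
    return shlex.split(command_line)


if __name__ == "__main__":
    print("unsafe :", host_shell_tokens(unsafe_build_command(SAMPLE_INSTALL_CMD)))
    print("safe   :", host_shell_tokens(safe_build_command(SAMPLE_INSTALL_CMD)))
```

The unsafe form yields nine separate words on the host, with the user's `&&` sitting between them; the quoted form yields five, the last one being the install command unchanged.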
Affected Systems
The product is Coolify from coollabsio. Versions earlier than 4.0.0-beta.470 are affected; 4.0.0-beta.470 and newer contain the fix for this issue.
Risk and Exploitability
The CVSS score of 8.8 places the weakness in the High severity band. No EPSS data is available and the vulnerability is not yet listed in the CISA KEV catalog, but the authentication requirement limits the attacker's scope to accounts that can trigger a build. Once authenticated, an attacker can run arbitrary shell commands on the host during deployment. The absence of a known public exploit does not diminish the potential impact, since the flaw can be exploited by anyone with access to the build configuration interface.
OpenCVE Enrichment