Coolify Private Key Enumeration Vulnerability Leading to Remote Command Execution

Vulnerability

A critical vulnerability in Coolify versions prior to 4.0.0-beta.374 allows any authenticated user to read the private keys stored by the instance in plain text, including keys that do not belong to that user's own team. Coolify uses these keys to reach the servers it manages over SSH, so an attacker who pairs an exposed key with the matching server configuration (the server's IP address or domain, its SSH port, typically 22, and the login user, typically root) can execute arbitrary commands on that server.

Impact

Exploitation gives an authenticated attacker the private keys in plain text and, because those keys are the credentials Coolify itself uses for SSH access, remote command execution as the configured user (typically root) on every managed server whose host, port and user match a disclosed key. A valid Coolify login is the only prerequisite; no access to the Coolify host itself is needed.

Reproduction

The vulnerability lives in the step of the Coolify onboarding flow that lets a user pick an existing private key. The 'selectExistingPrivateKey' method behind that step returns the requested key without checking that the calling user is authorized to access it, so an authenticated user can walk through private key identifiers and retrieve each key in plain text.
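The following Python model is an added example that is not part of this advisory or of Coolify's code base (Coolify is written in PHP): it shows the bug class behind the flaw, a lookup by key ID that is not scoped to the caller's team, beside the hardened form. All class and function names, and the two sample keys, are constructed for illustration.

```python
"""Model of an unscoped private-key lookup (the bug class) and its fix.
Hypothetical code, not Coolify's own; names and sample data are invented."""
from dataclasses import dataclass


@dataclass
class PrivateKey:
    id: int
    team_id: int
    name: str
    private_key: str  # PEM text, held in plain text like the page describes


@dataclass
class User:
    id: int
    team_id: int


# Constructed sample data: two teams, each owning one SSH key.
KEYS = {
    1: PrivateKey(1, 100, "prod-root", "-----BEGIN OPENSSH PRIVATE KEY-----\nteam-100...\n-----END OPENSSH PRIVATE KEY-----"),
    2: PrivateKey(2, 200, "staging", "-----BEGIN OPENSSH PRIVATE KEY-----\nteam-200...\n-----END OPENSSH PRIVATE KEY-----"),
}


class NotAuthorized(Exception):
    pass


def select_existing_private_key_vulnerable(user: User, key_id: int) -> PrivateKey:
    """Vulnerable pattern: the key is fetched by ID alone, so any authenticated
    user can iterate key_id values and read every team's key material."""
    return KEYS[key_id]


def select_existing_private_key_fixed(user: User, key_id: int) -> PrivateKey:
    """Hardened pattern: the lookup is scoped to the caller's team. An ID that
    belongs to another team is treated exactly like a non-existent one, so the
    error does not act as an oracle for which IDs exist."""
    key = KEYS.get(key_id)
    if key is None or key.team_id != user.team_id:
        raise NotAuthorized(f"key {key_id} not found for team {user.team_id}")
    return key


def enumerate_keys(lookup, user: User, max_id: int = 10) -> list:
    """Simulate an attacker walking IDs 1..max_id through `lookup`; return
    the IDs whose key material was disclosed to `user`."""
    leaked = []
    for key_id in range(1, max_id + 1):
        try:
            leaked.append(lookup(user, key_id).id)
        except (KeyError, NotAuthorized):
            continue
    return leaked


if __name__ == "__main__":
    attacker = User(id=7, team_id=200)  # a legitimate login on team 200
    print("vulnerable:", enumerate_keys(select_existing_private_key_vulnerable, attacker))
    print("fixed:     ", enumerate_keys(select_existing_private_key_fixed, attacker))
```

Run as a script, the vulnerable lookup hands the team-200 user both keys, while the scoped lookup returns only the key that team 200 owns. The same scoping belongs on every method that resolves a user-supplied identifier to a secret, not only the onboarding step named above.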

Remediation

Users should update to Coolify version 4.0.0-beta.374 or later. Updating closes the disclosure but does not revoke keys that may already have been read: treat every private key stored in an affected instance as potentially compromised, generate replacements, remove the old public keys from the authorized_keys files on the managed servers, and review those servers' SSH authentication logs for logins that did not originate from the Coolify host.
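When checking several instances against the fixed version, a plain string comparison of Coolify's version strings goes wrong ("4.0.0-beta.99" sorts after "4.0.0-beta.374" lexicographically). The helper below is an added example, not part of this advisory or of Coolify, that orders the version strings the way semver pre-release rules require; the function names and the regular expression are this example's own.

```python
"""Added helper: decide whether a Coolify version string predates the fix.
Not Coolify code. Handles 'X.Y.Z-beta.N' and plain 'X.Y.Z' strings, with an
optional leading 'v'."""
import re

FIXED_VERSION = "4.0.0-beta.374"

# major.minor.patch with an optional "-<tag>.<number>" pre-release suffix
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([A-Za-z]+)\.(\d+))?$")


def parse_version(version: str) -> tuple:
    """Turn '4.0.0-beta.373' into a tuple that sorts correctly.

    A version without a pre-release tag ranks above every pre-release of the
    same number (semver rule), so '4.0.0' is later than '4.0.0-beta.374'.
    Pre-release numbers are compared as integers, not as strings."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch, tag, pre = m.groups()
    if tag is None:
        return (int(major), int(minor), int(patch), 1, "", 0)
    return (int(major), int(minor), int(patch), 0, tag.lower(), int(pre))


def is_affected(version: str) -> bool:
    """True when `version` is older than the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


if __name__ == "__main__":
    for v in ["4.0.0-beta.373", "4.0.0-beta.99", "4.0.0-beta.374", "v4.0.0"]:
        print(f"{v:16} affected={is_affected(v)}")
```

Feed it the version string the instance reports; anything for which is_affected returns True still needs the update and the key rotation described above.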

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.