{“lastseen”:”2025-08-28T16:36:02″,”description”:”Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to…”,”published”:”2025-08-28T00:00:00″,”modified”:”2025-08-28T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Coolify 4.0.0-beta.420.6 Command Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:208950″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-34161″],”sourceData”:”| Field | Value |\\n |————-|——————————–|\\n | CVE ID | CVE-2025-34161 |\\n | Affected | Coolify \\u003c= v4.0.0-beta.420.6 |\\n | Fixed in | v4.0.0-beta.420.7 |\\n | Severity | Critical |\\n | CVSS 4.0 | CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:H\/SI:H\/SA:H|\\n | CWE | CWE-78 (OS Command Injection) |\\n \\n \\n ## \ud83d\udcdd Summary\\n Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to a critical remote code execution (RCE) flaw in the project deployment workflow. The platform allows authenticated users, with low-level privileges, to inject arbitrary shell commands via the Git Repository URL field during project creation. By submitting a crafted repository string containing command injection syntax, an attacker can execute arbitrary commands on the underlying host system, resulting in full server compromise.\\n \\n ## \u26a1 Impact\\n – Remote Code Execution (RCE)\\n – Privilege escalation from low-level user to full host compromise\\n – Complete loss of confidentiality, integrity, and availability\\n \\n ## \ud83d\udee0\ufe0f Steps to Reproduce\\n 1. Login as a low-privileged user \\n 2. Create a new project\\n 3. Select private GIT \\n 4. Insert a malicious payload in the `Git Repository URL` field (e.g. “git@github.com:fake\/repo.git; cat \/etc\/passwd #;“) \\n 5. Deploy the project \u2192 observe arbitrary command execution in the log \\n \\n ## \ud83d\udd17 References\\n – [CVE Record – CVE-2025-34161](https:\/\/cve.org\/CVERecord?id=CVE-2025-34161)”,”sourceHref”:”https:\/\/packetstorm.news\/download\/208950″,”cvss”:{“score”:9.4,”severity”:”CRITICAL”,”vector”:”CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/SC:H\/VI:H\/SI:H\/VA:H\/SA:H”,”version”:”4.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/208950\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-08-28T16:36:02″,”description”:”Coolify versions prior to and including v4.0.0-beta.420.6 are vulnerable to…”,”published”:”2025-08-28T00:00:00″,”modified”:”2025-08-28T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Coolify 4.0.0-beta.420.6 Command Injection”,”source”:””,”references”:””,”id”:”PACKETSTORM:208950″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-34161″],”sourceData”:”| Field | Value |\\n |————-|——————————–|\\n | CVE ID | CVE-2025-34161 |\\n…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,131,12,13,53,7,11,5],"class_list":["post-14808","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-94","tag-exploit","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n