0Xrakan

**Name of the Vulnerable Software and Affected Versions** Coolify versions prior to 4.0.0-beta.451 **Description** Coolify is a self-hostable tool for managing servers, applications, and databases. A command injection issue exists in the handling of PostgreSQL Init Script Filenames. An authenticated user with application/service management permissions can execute arbitrary commands as root on managed servers. The issue occurs because PostgreSQL initialization script filenames are passed to shell commands without proper validation, enabling remote code execution. **Recommendations** Update to version 4.0.0-beta.451 or later.

**Name of the Vulnerable Software and Affected Versions** Coolify versions prior to 4.0.0-beta.451 **Description** Coolify is a self-hostable tool for managing servers, applications, and databases. A command injection issue exists in the Dynamic Proxy Configuration Filename handling. Authenticated users with application/service management permissions can execute arbitrary commands as root on managed servers. The issue occurs because proxy configuration filenames are passed to shell commands without proper escaping, allowing for full remote code execution via the `filename` parameter. **Recommendations** Update to version 4.0.0-beta.451 or later.

**Name of the Vulnerable Software and Affected Versions** Coolify versions prior to 4.0.0-beta.451 **Description** Coolify is a self-hostable tool for managing servers, applications, and databases. An authenticated command injection issue exists in the File Storage Directory Mount Path functionality. Users with application/service management permissions can execute arbitrary commands as root on managed servers. The `file storage directory source` parameter is passed to shell commands without proper sanitization, allowing for full remote code execution on the host system. **Recommendations** Upgrade to Coolify version 4.0.0-beta.451 or later.