Horizon Alert
Summary of the vulnerability and why it matters
A security vulnerability in Coolify, a server management tool, could allow authenticated users to access unauthorized resources and execute commands. This issue arises because certain terminal functions did not properly enforce authorization.
- Unauthorized access to server resources is possible.
- Impacts systems managing servers and applications.
- Confirm relevance and check for potential exposure.
Attack Path
How an attacker could exploit the issue
An attacker with authenticated access to Coolify could exploit this vulnerability by targeting the terminal WebSocket routes. These routes, due to a lack of proper authorization checks, would allow the attacker to access and potentially execute commands on server resources that they should not have access to, leading to a significant compromise of the system.
- Authenticated user access required.
- Terminal WebSocket routes trigger vulnerability.
- Unauthorized command execution risk.
Live Threat
Current exploitation, exposure, and threat context
An authenticated user could gain unauthorized access to terminal functionality, potentially allowing them to execute commands on resources beyond their designated scope when the system is accessible over a network.
- Server command execution.
- Unauthorized terminal access.
- System compromise and data manipulation.
Operational Fix
Recommended remediation, mitigation, and detection steps
Teams managing the Coolify instance and the underlying infrastructure are responsible for addressing this vulnerability. The first step is to identify all deployed Coolify instances, confirm their reachability and business criticality, and then determine the accountable owner for each. Planning remediation should follow, prioritizing instances based on their assessed risk.
- Own the Coolify instance and its infrastructure.
- Verify Coolify instance reachability and criticality.
- Plan and execute necessary updates or controls.