Horizon Alert
Summary of the vulnerability and why it matters
This advisory addresses a critical vulnerability in Coolify, an open-source tool used for managing servers, applications, and databases. The issue allows unauthorized access and deployment of resources across different teams due to a lack of ownership validation in certain web interface components. This could potentially lead to the misuse or compromise of managed systems.
- Insecure web components allow unauthorized resource deployment.
- Critical flaw could enable cross-team system access.
- Confirm relevance and potential exposure within your environment.
Attack Path
How an attacker could exploit the issue
An attacker with low privileges could target a Coolify instance by crafting a malicious URL. This URL would leverage specific web UI components that fail to validate team ownership of server IDs found in URL parameters. By manipulating these parameters, an attacker could deploy resources to servers they do not own, potentially leading to unauthorized access and control over other teams' infrastructure.
- Requires low-privilege access.
- Triggers via crafted URL parameters.
- Allows cross-team resource deployment.
Live Threat
Current exploitation, exposure, and threat context
When supported by the advisory, unauthorized users could deploy resources to servers not associated with their team. This could allow them to deploy applications or services onto infrastructure they do not own or manage, potentially impacting the availability or integrity of those systems.
- Server resources and deployed applications.
- Via crafted URL parameters in the web UI.
- Unauthorized resource deployment on shared infrastructure.
Operational Fix
Recommended remediation, mitigation, and detection steps
The Coolify platform's API controllers require server ownership validation, but certain Livewire web UI components do not enforce this, potentially allowing unauthorized cross-team deployments. Infrastructure and platform teams are likely responsible for Coolify deployments. The first practical move is to identify all Coolify instances, confirm their exposure and business criticality, and then plan remediation based on risk.
- Platform/Infrastructure teams own this issue.
- Verify server ownership validation in UI.
- Plan cross-team deployment remediation.