CVE-2025-66211

💻 Affected Systems

📦 What is this software?

⚠️ Risk & Real-World Impact

🎯 Exploit Status

Exploit details available in public GitHub repository. Requires authenticated access but trivial to execute once authenticated.

🔍 How to Verify

Check Coolify version via web interface or configuration files. If version is below 4.0.0-beta.451, system is vulnerable.

Check Coolify web interface dashboard or configuration files for version information

Verify version is 4.0.0-beta.451 or higher and test PostgreSQL initialization script functionality.

📡 Detection & Monitoring

process_name:"coolify" AND (command_line:*sh* OR command_line:*bash* OR command_line:*root*)

🔗 References

• https://github.com/0xrakan/coolify-cve-2025-66209-66213 Exploit,Third Party Advisory
• https://github.com/coollabsio/coolify/pull/7375 Issue Tracking
• https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.451 Release Notes
• https://github.com/coollabsio/coolify/security/advisories/GHSA-24mp-fc9q-c884