Remote Code Execution Vulnerability in Coolify by Coollabs
CVE-2025-34161

9.4 CRITICAL

Key Information:

Status:
Vendor:
CVE Published: 27 August 2025

Badges

👾 Exploit Exists
🟡 Public PoC

What is CVE-2025-34161?

Coolify versions earlier than v4.0.0-beta.420.7 contain a command-injection vulnerability in the project deployment workflow that allows remote code execution. An authenticated user with minimal privileges can supply a maliciously crafted value in the Git Repository field during project setup; because that repository string is passed into a shell command, command-injection syntax embedded in it runs as arbitrary shell commands on the host, which can lead to complete server takeover. Upgrading to v4.0.0-beta.420.7 or later removes the issue.
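As an added illustration of the defensive pattern that closes this bug class (this is not Coolify's code and not the published PoC), the snippet below validates a deployment form's repository field against an allowlist and hands it to git as a single argv element instead of interpolating it into a shell string. The function names, regexes and sample submissions are constructed for the example.

```python
import re

# Constructed allowlist for repository references accepted by a deployment form
# (illustrative; not Coolify's own validation logic).
_SSH_SCP = re.compile(r"^(?:[A-Za-z0-9_.-]+@)?[A-Za-z0-9.-]+:(?!//)[A-Za-z0-9._/-]+$")
_HTTPS = re.compile(r"^https://[A-Za-z0-9.-]+(?::\d{1,5})?/[A-Za-z0-9._/-]+$")
_SHELL_META = set(";|&$`<>(){}\n\r'\"\\ ")


def classify_repo(value: str) -> str:
    """Return 'ok' for a well-formed reference, otherwise the reason it is refused."""
    v = value.strip()
    if not v:
        return "empty"
    if any(ch in _SHELL_META for ch in v):
        return "shell metacharacter"
    if v.startswith("-"):
        return "looks like a command-line option"
    if _SSH_SCP.match(v) or _HTTPS.match(v):
        return "ok"
    return "unrecognised format"


def vulnerable_clone_command(repo: str, dest: str) -> str:
    """The unsafe pattern: the field is interpolated into a string meant for `sh -c`.
    Shown for contrast only; never executed here."""
    return f"git clone {repo} {dest}"


def clone_command(repo: str, dest: str) -> list[str]:
    """Hardened form: validate first, then build an argv list so the value is exactly
    one argument; `--` keeps git from reading a value starting with '-' as an option."""
    if classify_repo(repo) != "ok":
        raise ValueError(f"refusing repository reference: {repo!r}")
    return ["git", "clone", "--", repo.strip(), dest]


def audit(values: list[str]) -> dict[str, str]:
    """Verdict per submitted value; refused submissions are worth logging and alerting on."""
    return {v: classify_repo(v) for v in values}


# Constructed sample submissions, including ones carrying injection syntax.
SAMPLE_INPUTS = [
    "git@github.com:example-org/app.git",
    "https://github.com/example-org/app",
    "git@github.com:example-org/app.git; touch /tmp/injected",
    "https://example.com/repo.git$(id)",
    "--help",
]
```

Run `clone_command(...)` with `subprocess.run(..., shell=False)`; the argv list keeps the repository value from ever being parsed by a shell.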

Affected Version(s)

Coolify * < 4.0.0-beta.420.7

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.


CVSS V4

Score: 9.4
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • Vulnerability published
  • Vulnerability reserved

Credit

Mike G.A (Eyodav)