Incus Blind Server-Side Request Forgery Vulnerability in Image Import Process
Vulnerability
A blind server-side request forgery (SSRF) vulnerability has been identified in Incus, an open-source container and virtual machine manager, in versions prior to 7.0.0. The issue arises during the image import process, where an outbound HEAD request is sent to a user-supplied URL before the request is validated against project restrictions. This allows authenticated users to coerce the server into making blind HEAD requests to arbitrary destinations, including internal services and cloud metadata endpoints. The vulnerability pattern is similar to CVE-2026-24767.
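An added illustration of the ordering flaw, written for this page and not taken from Incus's code base: a hypothetical import path that issues the HEAD request before checking the URL against the project's allowed image servers, beside the corrected order that validates first. The allow-list semantics (scheme and host must match an entry, standing in for restricted.images.servers) and all function names are assumptions; the HEAD request is replaced by a recorder so nothing is contacted.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// ErrServerNotAllowed: the import URL is not on the project's allow-list.
var ErrServerNotAllowed = errors.New("image server not permitted by restricted.images.servers")
// serverAllowed checks rawURL against allowed, a list of server base URLs in the spirit of
// restricted.images.servers (assumed semantics: scheme and host must match; not Incus's own code).
func serverAllowed(rawURL string, allowed []string) error {
	u, err := url.Parse(rawURL)
	if err != nil || u.Host == "" {
		return fmt.Errorf("invalid image URL %q", rawURL)
	}
	for _, a := range allowed {
		au, err := url.Parse(a)
		if err == nil && strings.EqualFold(u.Scheme, au.Scheme) && strings.EqualFold(u.Host, au.Host) {
			return nil
		}
	}
	return ErrServerNotAllowed
}

type headFunc func(rawURL string) error // stands in for the outbound HEAD request (offline)

// importVulnerable has the ordering the advisory describes: HEAD first, policy check second.
func importVulnerable(rawURL string, allowed []string, head headFunc) error {
	if err := head(rawURL); err != nil { // the request has already left the server here
		return err
	}
	return serverAllowed(rawURL, allowed)
}

// importFixed validates the URL before any network activity.
func importFixed(rawURL string, allowed []string, head headFunc) error {
	if err := serverAllowed(rawURL, allowed); err != nil {
		return err
	}
	return head(rawURL)
}

// recordingHead returns a headFunc that only records the URLs it would have requested.
func recordingHead(calls *[]string) headFunc {
	return func(rawURL string) error { *calls = append(*calls, rawURL); return nil }
}
```

With a URL outside the allow-list, importVulnerable records one outbound request before reporting the policy violation, while importFixed reports it without any request leaving the server.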
Impact
Exploitation of this vulnerability allows for blind server-side request forgery: an authenticated user can induce the server to make HTTP HEAD requests to external or internal endpoints, potentially probing for sensitive information or reaching restricted services. Because the SSRF is blind, the response is not returned to the user; what the attacker learns is limited to the fact that the server can be made to send the request.
Reproduction
To reproduce this vulnerability, switch to a restricted project in Incus that has the 'restricted.images.servers' policy. Then, initiate an image import from an attacker-controlled URL. The Incus server will issue a HEAD request to the specified URL before the import is validated, demonstrating the blind SSRF vulnerability.
Remediation
Users can update to Incus version 7.0.0 or later, where this vulnerability has been fixed.