CVE-2026-30832 Overview
CVE-2026-30832 is a critical Server-Side Request Forgery (SSRF) vulnerability in Charm Soft Serve, a self-hostable Git server for the command line. The vulnerability allows authenticated SSH users to force the server to make HTTP requests to internal or private IP addresses by exploiting the repo import command with a crafted --lfs-endpoint URL. While the initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), attackers hosting a fake LFS server can chain this vulnerability into full read access to internal services by returning download URLs that point at internal targets.
Critical Impact
Authenticated attackers can exploit this SSRF vulnerability to access internal services and sensitive data by chaining LFS endpoint manipulation with a malicious LFS server, potentially exposing private network resources.
Affected Products
- Charm Soft Serve versions 0.6.0 to before 0.11.4
- Charm Soft Serve Go package (cpe:2.3:a:charm:soft_serve:*:*:*:*:*:go:*:*)
Discovery Timeline
- 2026-03-07 - CVE-2026-30832 published to NVD
- 2026-03-11 - Last updated in NVD database
Technical Details for CVE-2026-30832
Vulnerability Analysis
This vulnerability is classified under CWE-918 (Server-Side Request Forgery). The flaw exists in how Soft Serve handles LFS endpoint URLs during repository import operations. An authenticated SSH user can supply a malicious --lfs-endpoint parameter that causes the server to initiate outbound HTTP requests to arbitrary destinations, including internal and private IP addresses.
The attack chain involves two stages: First, the attacker triggers a blind SSRF by specifying a crafted LFS endpoint URL. While the initial metadata request response won't parse correctly as valid LFS JSON, this opens the door for a more sophisticated attack. In the second stage, an attacker who controls a fake LFS server can respond with download URLs pointing to internal targets, effectively converting the blind SSRF into a full read primitive against internal services.
Root Cause
The root cause stems from insufficient validation and SSRF protection in the DNS resolution handling within the pkg/ssrf/ssrf.go module. The original implementation failed to properly resolve and validate hostnames before establishing connections, allowing attackers to bypass SSRF protections by using hostnames that resolve to private IP addresses. The vulnerable code path did not perform DNS lookups to verify whether resolved IP addresses fell within private or internal ranges.
Attack Vector
The attack is network-based and requires low-privilege authenticated SSH access to the Soft Serve instance. An attacker exploits this by:
- Authenticating to the Soft Serve server via SSH
- Executing a repo import command with a malicious --lfs-endpoint URL pointing to an attacker-controlled server
- The attacker's fake LFS server responds with download URLs targeting internal services
- The Soft Serve server fetches these internal URLs, exposing sensitive data to the attacker
The following patch addresses the vulnerability by implementing proper DNS resolution with private IP validation:
ip := net.ParseIP(host)
if ip == nil {
- return nil, fmt.Errorf("unexpected non-IP address in dial: %s", host)
+ ips, err := net.LookupIP(host) //nolint
+ if err != nil {
+ return nil, fmt.Errorf("DNS resolution failed for host %s: %v", host, err)
+ }
+ if len(ips) == 0 {
+ return nil, fmt.Errorf("no IP addresses found for host: %s", host)
+ }
+ ip = ips[0] // Use the first resolved IP address
}
if isPrivateOrInternal(ip) {
return nil, fmt.Errorf("%w", ErrPrivateIP)
Source: GitHub Commit 3ef6600
Detection Methods for CVE-2026-30832
Indicators of Compromise
- Unusual outbound HTTP requests from the Soft Serve server process to internal IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8)
- SSH sessions executing repo import commands with suspicious --lfs-endpoint parameters
- Network connections from the Git server to unexpected internal services (metadata endpoints, cloud provider APIs, internal APIs)
- Log entries showing LFS endpoint URLs pointing to non-standard or attacker-controlled domains
Detection Strategies
- Monitor SSH command logs for repo import operations with --lfs-endpoint flags containing unusual URLs or internal IP addresses
- Implement network-level monitoring to detect outbound connections from the Soft Serve server to private IP ranges
- Set up alerts for HTTP requests originating from the server to cloud metadata endpoints (e.g., 169.254.169.254)
- Review access logs for authenticated users executing repository import commands targeting suspicious endpoints
Monitoring Recommendations
- Deploy egress filtering and logging to track all outbound HTTP/HTTPS requests from the Soft Serve server
- Enable verbose logging for SSH sessions and Git operations to capture command parameters
- Implement network segmentation alerts to detect when the Git server attempts to communicate with isolated internal services
- Configure SIEM rules to correlate SSH authentication events with subsequent internal network traffic anomalies
How to Mitigate CVE-2026-30832
Immediate Actions Required
- Upgrade Charm Soft Serve to version 0.11.4 or later immediately
- Audit SSH access logs for any suspicious repo import commands with custom LFS endpoints
- Review network logs for potential exploitation attempts targeting internal services
- Temporarily restrict the repo import functionality if immediate patching is not possible
Patch Information
The vulnerability has been patched in Soft Serve version 0.11.4. The fix implements proper DNS resolution within the SSRF protection module, ensuring that hostnames are resolved and validated against private IP ranges before connections are established. Organizations should upgrade to this version as soon as possible.
For detailed patch information, refer to:
Workarounds
- Implement network-level egress filtering to block outbound connections from the Soft Serve server to private IP ranges
- Restrict SSH access to the Soft Serve instance to trusted users only
- Deploy a reverse proxy or web application firewall to inspect and block suspicious LFS endpoint URLs
- Use network segmentation to isolate the Git server from sensitive internal services
# Example iptables rules to block outbound connections to private IP ranges
# Apply to the Soft Serve server to mitigate SSRF attempts
# Block connections to RFC1918 private networks
iptables -A OUTPUT -d 10.0.0.0/8 -m owner --uid-owner softserve -j DROP
iptables -A OUTPUT -d 172.16.0.0/12 -m owner --uid-owner softserve -j DROP
iptables -A OUTPUT -d 192.168.0.0/16 -m owner --uid-owner softserve -j DROP
# Block connections to localhost ranges
iptables -A OUTPUT -d 127.0.0.0/8 -m owner --uid-owner softserve -j DROP
# Block connections to link-local and cloud metadata endpoints
iptables -A OUTPUT -d 169.254.0.0/16 -m owner --uid-owner softserve -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
