CVE-2025-27784

HIGH

Applio < 3.2.8-bugfix - Arbitrary File Read via export_pth Function

Title source: llm

Description

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file read in train.py's `export_pth` function. This issue may lead to reading arbitrary files on the Applio server. It can also be used in conjunction with blind server-side request forgery to read files from servers on the internal network that the Applio server has access to. As of time of publication, no known patches are available.

References (3)

Core 3

Core References

Exploit, Vendor Advisory x_refsource_confirm

https://securitylab.github.com/advisories/GHSL-2024-341_GHSL-2024-353_Applio/

Product x_refsource_misc

https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/tabs/train/train.py#L267

View Writeup ZIP pw:eip

Product x_refsource_misc

https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/tabs/train/train.py#L801

Scores

CVSS v3 7.5

EPSS 0.0053

EPSS Percentile 40.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (1)

applio/applio < 3.2.8-bugfix

Published Mar 19, 2025

Tracked Since Feb 18, 2026