Applio Server-Side Request Forgery and File Write Vulnerability

Vulnerability

A blind server-side request forgery (SSRF) vulnerability that also allows arbitrary file writes has been identified in Applio versions through 3.2.7. The vulnerability resides in the 'model_download.py' file, at line 156. The blind SSRF lets an attacker make the Applio server issue requests on their behalf, which can be used to probe the server itself or hosts on the internal network for further weaknesses. The arbitrary file write can be exploited on its own or chained with other weaknesses, such as unsafe deserialization, to achieve remote code execution on the Applio server.

Impact

Exploitation of this vulnerability leads to blind server-side request forgery: the Applio server can be made to send requests to internal resources or external services, which can be used to probe for additional vulnerabilities or reach sensitive information. The arbitrary file write can also be leveraged, particularly in conjunction with other vulnerabilities, to execute code remotely on the Applio server.

Reproduction

The vulnerability can be reproduced by uploading a file through the application's interface, which is then saved to an arbitrary location on the server. This is done through the 'bin_file_upload' and 'config_file_upload' fields in the 'inference' or 'tts' tabs. After the file is uploaded, the 'export_pth' or 'export_index' functions can be used to read the uploaded files back, demonstrating the arbitrary file read capability. The uploaded files can then be deserialized in a way that executes code, completing the exploitation chain.
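The following is an added example, not Applio's own code, illustrating the pattern the advisory describes for 'model_download.py': a server-side fetch of a user-controlled URL whose body is written to a path derived from that URL. The deliberately vulnerable destination builder is shown beside a hardened URL check and a contained destination path. The directory name, the function names, the allowed file suffixes and the 'huggingface.co' allowlist are illustrative assumptions, and the network fetch itself is intentionally left out so the code runs offline.

```python
# Added example, not Applio's code: the SSRF + arbitrary-file-write pattern the
# advisory describes, as a deliberately vulnerable destination builder beside a
# hardened URL and path check. MODELS_DIR, the function names, ALLOWED_SUFFIXES
# and the huggingface.co allowlist are assumptions made for illustration.
import ipaddress
import posixpath
from typing import Optional, Set
from urllib.parse import unquote, urlsplit

MODELS_DIR = "/srv/applio/logs"  # assumed model directory
ALLOWED_SUFFIXES = (".pth", ".index", ".zip")  # assumed model artifact types


class UnsafeRequest(ValueError):
    """Raised when a URL or destination fails the hardened checks."""


def vulnerable_destination(url: str, base_dir: str = MODELS_DIR) -> str:
    """Unsafe pattern: trust the URL's last path segment as the file name.
    The server would fetch `url` as given (blind SSRF: any scheme, any host,
    including loopback and link-local addresses) and write the body here.
    Percent-encoded slashes survive rsplit and are decoded by unquote, so
    '..%2F' climbs out of base_dir."""
    name = unquote(urlsplit(url).path.rsplit("/", 1)[-1])
    return posixpath.normpath(posixpath.join(base_dir, name))


def check_url(url: str, allowed_hosts: Optional[Set[str]] = None) -> str:
    """Reject anything that is not an http(s) URL to a public host.
    Literal IPs are checked directly; a DNS name must still be resolved and
    the resulting address re-checked by the caller (DNS rebinding), and
    redirects must be disabled or re-checked hop by hop."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise UnsafeRequest(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise UnsafeRequest("missing host")
    if parts.username or parts.password:
        raise UnsafeRequest("credentials in URL")
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        raise UnsafeRequest(f"host not in allowlist: {host}")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return url  # DNS name: resolve and re-check before connecting
    if not ip.is_global:
        raise UnsafeRequest(f"non-public address: {ip}")
    return url


def safe_destination(filename: str, base_dir: str = MODELS_DIR) -> str:
    """Build a write path that cannot leave base_dir: decode once, keep only
    the final path component, require a known suffix, then prove containment."""
    name = posixpath.basename(unquote(filename))
    if name in ("", ".", "..") or not name.endswith(ALLOWED_SUFFIXES):
        raise UnsafeRequest(f"bad file name: {filename!r}")
    dest = posixpath.normpath(posixpath.join(base_dir, name))
    if posixpath.commonpath([base_dir, dest]) != posixpath.normpath(base_dir):
        raise UnsafeRequest(f"escapes {base_dir}: {dest}")
    return dest


def safe_download_plan(url: str, allowed_hosts: Optional[Set[str]] = None,
                       base_dir: str = MODELS_DIR):
    """Validate URL and destination before any fetch; returns (url, dest).
    The network request is deliberately omitted from this example."""
    check_url(url, allowed_hosts)
    name = urlsplit(url).path.rsplit("/", 1)[-1]
    return url, safe_destination(name, base_dir)


def is_rejected(fn, *args, **kwargs) -> bool:
    """Demonstration helper: True when fn raises UnsafeRequest."""
    try:
        fn(*args, **kwargs)
    except UnsafeRequest:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker input: a link-local metadata host plus an encoded
    # traversal in the last path segment.
    evil = "http://169.254.169.254/latest/..%2F..%2F..%2Fetc%2Fcron.d%2Fjob"
    print("vulnerable writes to:", vulnerable_destination(evil))
    print("hardened rejects URL:", is_rejected(check_url, evil))
    print("hardened plan:", safe_download_plan(
        "https://huggingface.co/u/m/model.zip", {"huggingface.co"}))
```

The host allowlist is the strongest of the three URL controls; the IP-literal check alone does not stop a DNS name that resolves to an internal address, which is why the comment in 'check_url' pushes resolution and re-checking onto the caller.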

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          1.9
  exploitability  7.6
  remediation     0.0
  relevance       0.0
  threat          6.4
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.