Applio Unsafe Deserialization Vulnerability in Model Information Component Allowing Remote Code Execution

A vulnerability allowing unsafe deserialization has been identified in Applio, a voice conversion tool, in versions through 3.2.8-bugfix. The issue arises in the 'model_information.py' file, where the 'model_name' parameter accepts user-supplied input, such as a path to a model. This input is then passed to the 'run_model_information_script' and subsequently to the 'model_information' function. Here, the model is loaded using 'torch.load', which is susceptible to unsafe deserialization. Exploiting this vulnerability could lead to remote code execution on the server where Applio is running.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where Applio is installed.

Reproduction

To reproduce this vulnerability, upload a model file that contains a payload for remote code execution. Then, use the 'model_information' function in 'model_information.py' to load the model. The 'torch.load' function will deserialize the model, executing the payload and achieving remote code execution on the server.

Remediation

Users can update to the latest version of Applio, where this vulnerability has been patched.