Retrieval-Based Voice Conversion WebUI Code Injection Vulnerability Allowing Remote Code Execution
Vulnerability
A code injection vulnerability has been identified in Retrieval-Based Voice Conversion WebUI, a voice-changing framework based on VITS. This vulnerability affects versions through 2.2.231006. The issue arises in the 'infer-web.py' file, where the 'ckpt_path2' variable accepts user input, such as a model path, and passes it to the 'change_info_' function. This function reads the file at the specified path, modifies the filename to 'train.log', and then evaluates the file's contents. This process can lead to arbitrary code execution on the server.
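The pattern described above, next to a hardened form, as an added example that is not the project's own code. The function names, the `SIDE_EFFECTS` marker and the sample `train.log` contents are constructed for illustration, and the filename swap is an assumed simplification of what `change_info_` does.

```python
import ast
import os
import tempfile

SIDE_EFFECTS = []  # constructed marker: grows only if file content is executed

def sibling_train_log(ckpt_path):
    # Assumed model of the described behaviour: swap the filename for train.log.
    return os.path.join(os.path.dirname(ckpt_path), "train.log")

def read_info_unsafe(ckpt_path):
    # Vulnerable pattern: eval() runs any expression stored in the file.
    with open(sibling_train_log(ckpt_path), encoding="utf-8") as f:
        return eval(f.read().strip())

def read_info_safe(ckpt_path, allowed_root):
    # 1. Confine the user-supplied path to the directory the application owns.
    root = os.path.realpath(allowed_root)
    log_path = os.path.realpath(sibling_train_log(ckpt_path))
    if os.path.commonpath([root, log_path]) != root:
        raise ValueError("path escapes the allowed model directory")
    # 2. Parse data only: literal_eval rejects calls, names and attributes.
    with open(log_path, encoding="utf-8") as f:
        return ast.literal_eval(f.read().strip())

def _write_log(directory, text):
    os.makedirs(directory, exist_ok=True)
    with open(os.path.join(directory, "train.log"), "w", encoding="utf-8") as f:
        f.write(text + "\n")
    return os.path.join(directory, "model.pth")  # path a user would submit

def demo():
    SIDE_EFFECTS.clear()
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as outside:
        good = _write_log(os.path.join(root, "exp1"), "{'sr': '40k', 'f0': 1}")
        inside = _write_log(os.path.join(root, "exp2"), "SIDE_EFFECTS.append('ran')")
        planted = _write_log(outside, "SIDE_EFFECTS.append('ran')")  # benign stand-in
        out = {"unsafe": read_info_unsafe(planted), "good": read_info_safe(good, root)}
        for name, path in (("outside", planted), ("inside", inside)):
            try:
                out[name] = read_info_safe(path, root)
            except ValueError as exc:
                out[name] = f"rejected: {exc}"
        out["ran"] = len(SIDE_EFFECTS)  # 1: only the eval() call executed content
    return out

if __name__ == "__main__":
    print(demo())
```

Path confinement alone is not sufficient: the `inside` case is rejected only because `ast.literal_eval` refuses anything that is not a literal.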
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the server where the application is running.
Reproduction
To reproduce this vulnerability, upload a malicious Python script disguised as a model file to a location accessible by the application. Then, provide the path to this file through the 'ckpt_path2' variable in the web interface. The 'change_info_' function will read the file and execute the injected code, which can lead to remote code execution.
