Retrieval-Based Voice Conversion WebUI Unsafe Deserialization Vulnerability Allowing Remote Code Execution
Vulnerability
A vulnerability exists in Retrieval-Based Voice Conversion WebUI versions through 2.2.231006, allowing unsafe deserialization of user-supplied model paths. This issue arises in the 'vr.py' module, specifically within the 'AudioPreDeEcho' class. When a model path containing 'DeEcho' is provided, the application creates an instance of 'AudioPreDeEcho' with the user input as the model path. The 'torch.load' function is then used to load the model from this path, leading to unsafe deserialization and potential remote code execution.
Impact
Exploitation of this vulnerability allows for remote code execution on the server where the application is running.
Reproduction
To reproduce this vulnerability, upload a malicious model file that includes a payload for remote code execution. Then, in the Retrieval-Based Voice Conversion WebUI, select this model file for use with the 'DeEcho' processing option. The application will load the model using 'torch.load', deserializing the payload and executing the embedded code.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.