RVC-Boss GPT-SoVITS-WebUI Unsafe Deserialization Vulnerability Leading to Remote Code Execution

Vulnerability

A vulnerability allowing unsafe deserialization has been identified in RVC-Boss GPT-SoVITS-WebUI versions through 20250228v3. This issue arises in the file inference_webui.py, where the GPT_dropdown variable accepts user input and passes it to the change_gpt_weights function. Within this function, the user input is used to load a model using torch.load, creating a risk of unsafe deserialization. At the time of publication, no patched versions are known to be available.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where GPT-SoVITS-WebUI is running.

Reproduction

To reproduce this vulnerability, upload a malicious model file that includes executable code to a location accessible by the GPT-SoVITS-WebUI. Then, in the webUI, select this model through the GPT_dropdown. The model will be loaded using torch.load, which will execute the embedded code, leading to remote code execution.
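
A defensive pre-load check for the torch.load path described above, added here as an illustration and not taken from the GPT-SoVITS-WebUI code base: it lists the imports a checkpoint's pickle stream would perform, without unpickling it, and rejects anything outside an allowlist. The allowlist entries, the helper names and the sample inputs are assumptions constructed for this example, and only the zip layout written by torch.save is handled.

```python
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Assumed allowlist for a plain tensor state_dict; extend per model format.
ALLOWED = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2"),
           ("torch", "FloatStorage"), ("torch", "HalfStorage")}
UNKNOWN = ("?", "?")  # unresolvable import; never allowlisted, so it fails closed

def pickle_imports(data: bytes) -> set:
    """List the (module, name) pairs a pickle stream imports, without unpickling."""
    found, recent = set(), []
    try:
        for op, arg, _pos in pickletools.genops(data):
            if op.name in ("GLOBAL", "INST"):
                found.add(tuple(arg.split(" ", 1)))
            elif op.name == "STACK_GLOBAL":
                # Resolve only when the two preceding operands are literal strings.
                ok = len(recent) == 2 and all(isinstance(s, str) for s in recent)
                found.add(tuple(recent) if ok else UNKNOWN)
            if op.name != "MEMOIZE":
                recent = (recent + [arg])[-2:]  # operands of the last two opcodes
    except Exception:
        found.add(UNKNOWN)  # truncated or malformed stream
    return found

def disallowed_imports(blob: bytes) -> set:
    """Scan each .pkl member of a torch.save zip archive; reject anything else."""
    if not zipfile.is_zipfile(io.BytesIO(blob)):
        return {UNKNOWN}  # legacy non-zip checkpoints are out of scope here
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        pkls = [n for n in zf.namelist() if n.endswith(".pkl")]
        found = set() if pkls else {UNKNOWN}
        for name in pkls:
            found |= pickle_imports(zf.read(name))
    return found - ALLOWED

def make_zip(payload: bytes) -> bytes:
    """Constructed sample: a pickle placed where torch.save puts data.pkl."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", payload)
    return buf.getvalue()

# Constructed inputs, never unpickled; `print` stands in for a non-allowlisted import.
BENIGN = make_zip(pickle.dumps(OrderedDict(weight=[0.1, 0.2])))
SUSPECT = make_zip(pickle.dumps({"weight": [0.1], "hook": print}))
```

An empty result from disallowed_imports means every import is on the allowlist; any other result should block the load. torch.load also accepts weights_only=True, which restricts the unpickler itself, so a scan like this complements that setting and does not replace it.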

Added: Jul 15, 2025, 11:47 PM
Updated: Jul 15, 2025, 11:47 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 8.7
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.