GPT-SoVITS-WebUI Unsafe Deserialization Vulnerability Leading to Remote Code Execution
Vulnerability
An unsafe deserialization vulnerability, which can lead to remote code execution, has been identified in GPT-SoVITS-WebUI versions through 20250228v3. The issue arises in the process_ckpt.py file, where the SoVITS_dropdown variable accepts user input and passes it to the load_sovits_new function. This function uses the input as the model to load with torch.load, which deserializes the file with Python's pickle, so an attacker-supplied checkpoint is deserialized unsafely.
Impact
Exploitation of this vulnerability allows for remote code execution on the server where GPT-SoVITS-WebUI is running.
Reproduction
To reproduce this vulnerability, upload a malicious model file that includes executable code to a location accessible by the GPT-SoVITS-WebUI. Then, select this file in the SoVITS dropdown menu. The application will load the model using torch.load, executing the embedded code and demonstrating the remote code execution vulnerability.
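A pre-load screen for the file selected in the dropdown, as an added example that is not code from GPT-SoVITS-WebUI: it walks the checkpoint's pickle opcodes with pickletools, never unpickling anything, and reports every global the stream would import that is outside an allowlist. The allowlist contents, the function names and the two sample byte strings are assumptions constructed for this example.

```python
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Assumed allowlist (example only): globals a plain tensor state_dict imports.
ALLOWED = {("collections", "OrderedDict"), ("torch", "FloatStorage"),
           ("torch", "HalfStorage"), ("torch._utils", "_rebuild_tensor_v2")}
UNRESOLVED = ("<unresolved>", "<unresolved>")
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}
MEMO_OPS = {"MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"}

def imported_globals(data: bytes) -> set:
    """List (module, name) pairs one pickle stream would import; never loads it."""
    found, recent, stream = set(), [], io.BytesIO(data)
    for op, arg, _pos in pickletools.genops(stream):
        if op.name in MEMO_OPS:
            continue  # memo writes leave the top of the stack unchanged
        if op.name in ("GLOBAL", "INST"):
            found.add(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            pair = recent[-2:]  # the two ops just before must be string pushes
            resolved = len(pair) == 2 and None not in pair
            found.add(tuple(pair) if resolved else UNRESOLVED)
        elif op.name in ("EXT1", "EXT2", "EXT4"):
            found.add(UNRESOLVED)  # copyreg extension code: target unknown here
        recent.append(arg if op.name in STRING_OPS else None)
    if stream.tell() != len(data):
        found.add(UNRESOLVED)  # unscanned trailing bytes (e.g. legacy multi-pickle)
    return found

def check_checkpoint(blob: bytes):
    """Return (ok, disallowed) for a checkpoint's bytes; fails closed on doubt."""
    try:
        if blob[:4] == b"PK\x03\x04":  # zip container: scan every .pkl member
            with zipfile.ZipFile(io.BytesIO(blob)) as zf:
                streams = [zf.read(n) for n in zf.namelist() if n.endswith(".pkl")]
        else:
            streams = [blob]  # otherwise treat the whole file as one pickle
        seen = set().union(*map(imported_globals, streams)) if streams else {UNRESOLVED}
    except Exception:
        seen = {UNRESOLVED}  # unparsable input is treated as unsafe
    disallowed = seen - ALLOWED
    return not disallowed, disallowed

# Constructed samples: both are harmless and neither is a real model file.
BENIGN = pickle.dumps(OrderedDict(weight=[0.1, 0.2]))
REFERENCES_BUILTIN = pickle.dumps({"hook": len})  # imports builtins.len only
```

Run the check on the selected file before load_sovits_new reaches torch.load and refuse the load when `ok` is false; it complements, and does not replace, calling torch.load with `weights_only=True`.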
