Path Traversal Vulnerability in Fishaudio Bert-VITS2 Model Handler Component

Vulnerability

A path traversal vulnerability has been identified in the Fishaudio Bert-VITS2 application, specifically in the Model Handler component's '_get_all_models' function in the file 'hiyoriUI.py'. It allows unauthenticated remote attackers to traverse directories, probe for file existence, and read arbitrary '.wav' files. The application, which uses FastAPI, exposes the affected endpoints over the network without any authentication. The issue has been verified on the latest commit, and the vendor has not responded to disclosure attempts.

Impact

Exploitation of this vulnerability allows for arbitrary directory enumeration, file existence probing, and unauthorized reading of '.wav' files, which could contain sensitive audio data. Additionally, the vulnerability could be exploited to cause a denial-of-service by recursively traversing directories, exhausting system resources.

Reproduction

The vulnerability can be reproduced by sending requests to the '/models/get_local' or '/models/get_unloaded' endpoints with a 'root_dir' parameter that specifies a directory path. The response will indicate whether the directory exists, allowing for systematic enumeration of the filesystem. Alternatively, the '/tools/get_audio' endpoint can be used to probe for the existence of files and read arbitrary '.wav' files. The '/tools/random_example' endpoint can be exploited to perform a recursive directory walk, which could lead to a denial-of-service condition.
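
The checks a maintainer would put around the 'root_dir' and audio-path parameters, shown as an added example that is not code from the Bert-VITS2 project (the function names, the 'models' base directory and the fixture files are assumptions): confine every user-supplied path to one base directory, raise the same error for every refusal so the handler can return one generic response, and bound the directory walk.

```python
import os
import pathlib
import tempfile

def resolve_inside(base_dir, user_path):
    """Resolve user_path beneath base_dir; raise ValueError if it escapes.
    realpath() collapses '..' and follows symlinks before the check runs."""
    base = os.path.realpath(base_dir)
    if os.path.isabs(user_path):
        raise ValueError("absolute paths are not accepted")
    candidate = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes the model directory")
    return candidate

def read_wav(base_dir, user_path):
    """Serve a .wav only from inside base_dir; every refusal raises the same
    error type, so a handler mapping it to one generic response is not an oracle."""
    path = resolve_inside(base_dir, user_path)
    if not path.endswith(".wav") or not os.path.isfile(path):
        raise ValueError("not a servable .wav")
    with open(path, "rb") as fh:
        return fh.read()

def list_wavs_bounded(base_dir, root_dir=".", max_depth=2):
    """Depth-bounded listing confined to base_dir; no unbounded recursive walk."""
    start = resolve_inside(base_dir, root_dir)
    found = []
    for dirpath, dirnames, filenames in os.walk(start):  # symlinks not followed
        if sum(p != "." for p in os.path.relpath(dirpath, start).split(os.sep)) >= max_depth:
            dirnames[:] = []  # prune: do not descend any further
        found += [os.path.relpath(os.path.join(dirpath, n), start)
                  for n in sorted(filenames) if n.endswith(".wav")]
    return found

def demo():
    """Constructed fixture: a .wav inside the model dir and one just above it."""
    top = tempfile.mkdtemp()
    base = os.path.join(top, "models")
    os.makedirs(os.path.join(base, "voices"))
    for rel, data in (("models/voices/hello.wav", b"RIFF-constructed"), ("secret.wav", b"outside")):
        pathlib.Path(top, rel).write_bytes(data)
    out = {"walk": list_wavs_bounded(base)}
    for req in ("voices/hello.wav", "../secret.wav", os.path.join(top, "secret.wav")):
        try:
            out[req] = read_wav(base, req)
        except ValueError:
            out[req] = "refused"
    return out
```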

Added: May 17, 2026, 1:19 PM
Updated: May 17, 2026, 1:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 6.0
remediation: 0.0
relevance: 8.6
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.