CVE-2025-43845 (GCVE-0-2025-43845)
Vulnerability from cvelistv5
Published
2025-05-05 17:15
Modified
2025-05-05 18:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The ckpt_path2 variable takes user input (e.g. a path to a model) and passes it to change_info_ function, which opens and reads the file on the given path (except it changes the final on the path to train.log), and passes the contents of the file to eval, which can lead to remote code execution. As of time of publication, no known patches exist.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RVC-Project | Retrieval-based-Voice-Conversion-WebUI |
Version: <= 2.2.231006 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43845",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-05T18:31:45.449337Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T18:32:32.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Retrieval-based-Voice-Conversion-WebUI",
"vendor": "RVC-Project",
"versions": [
{
"status": "affected",
"version": "\u003c= 2.2.231006"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The\u00a0ckpt_path2\u00a0variable\u00a0takes user input\u00a0(e.g. a path to a model) and\u00a0passes\u00a0it to\u00a0change_info_\u00a0function, which opens and reads the file on the given path (except it changes the final on the path to\u00a0train.log), and\u00a0passes the contents of the file to\u00a0eval, which can lead to remote code execution. As of time of publication, no known patches exist."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T17:20:19.719Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/"
},
{
"name": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1452",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1452"
},
{
"name": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1484",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1484"
},
{
"name": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L761",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L761"
}
],
"source": {
"advisory": "GHSA-r27f-v57p-f796",
"discovery": "UNKNOWN"
},
"title": "GHSL-2025-015_Retrieval-based-Voice-Conversion-WebUI"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-43845",
"datePublished": "2025-05-05T17:15:56.754Z",
"dateReserved": "2025-04-17T20:07:08.554Z",
"dateUpdated": "2025-05-05T18:32:32.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-43845\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-05-05T18:15:42.300\",\"lastModified\":\"2025-08-01T16:54:49.367\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The\u00a0ckpt_path2\u00a0variable\u00a0takes user input\u00a0(e.g. a path to a model) and\u00a0passes\u00a0it to\u00a0change_info_\u00a0function, which opens and reads the file on the given path (except it changes the final on the path to\u00a0train.log), and\u00a0passes the contents of the file to\u00a0eval, which can lead to remote code execution. As of time of publication, no known patches exist.\"},{\"lang\":\"es\",\"value\":\"Retrieval-based-Voice-Conversion-WebUI es un framework de modificaci\u00f3n de voz basado en VITS. Las versiones 2.2.231006 y anteriores son vulnerables a la inyecci\u00f3n de c\u00f3digo. La variable ckpt_path2 recibe la entrada del usuario (por ejemplo, la ruta a un modelo) y la pasa a la funci\u00f3n change_info_, que abre y lee el archivo en la ruta dada (excepto que cambia el final en la ruta a train.log) y pasa el contenido del archivo a eval, lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo. Al momento de la publicaci\u00f3n, no se conoc\u00edan parches.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.9,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rvc-project:retrieval-based-voice-conversion-webui:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.2.231006\",\"matchCriteriaId\":\"FFD42164-62A5-458A-B811-4BF1180A150A\"}]}]}],\"references\":[{\"url\":\"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1452\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1484\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L761\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-43845\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-05T18:31:45.449337Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T18:32:27.822Z\"}}], \"cna\": {\"title\": \"GHSL-2025-015_Retrieval-based-Voice-Conversion-WebUI\", \"source\": {\"advisory\": \"GHSA-r27f-v57p-f796\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"RVC-Project\", \"product\": \"Retrieval-based-Voice-Conversion-WebUI\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c= 2.2.231006\"}]}], \"references\": [{\"url\": \"https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/\", \"name\": \"https://securitylab.github.com/advisories/GHSL-2025-012_GHSL-2025-022_Retrieval-based-Voice-Conversion-WebUI/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1452\", \"name\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1452\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1484\", \"name\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L1484\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L761\", \"name\": \"https://github.com/RVC-Project/Retrieval-based-Voice-Conversion-WebUI/blob/9f2f0559e6932c10c48642d404e7d2e771d9db43/infer-web.py#L761\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to code injection. The\\u00a0ckpt_path2\\u00a0variable\\u00a0takes user input\\u00a0(e.g. a path to a model) and\\u00a0passes\\u00a0it to\\u00a0change_info_\\u00a0function, which opens and reads the file on the given path (except it changes the final on the path to\\u00a0train.log), and\\u00a0passes the contents of the file to\\u00a0eval, which can lead to remote code execution. As of time of publication, no known patches exist.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-05-05T17:20:19.719Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-43845\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-05T18:32:32.296Z\", \"dateReserved\": \"2025-04-17T20:07:08.554Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-05-05T17:15:56.754Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…