CVE-2025-27787

CVE-2025-27787 is a denial-of-service (DoS) vulnerability affecting Applio, an open-source voice conversion tool, in versions 3.2.8-bugfix and prior. The issue resides in the restart.py component, where the user-supplied model_name parameter from train.py is passed unsanitized to the stop_train function. This constructs a file path to a config.json file, which is then read to extract a list of process IDs under "process_pids" and terminate those processes. The vulnerability enables path traversal (CWE-22), such as using "../../" in model_name to access config.json files from arbitrary locations, and improper handling akin to injection flaws (CWE-74). The CVSS v3.1 base score is 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

A remote, unauthenticated attacker can exploit this by first leveraging an arbitrary file write primitive—mentioned in the advisory as a prerequisite—to create a malicious config.json in a controllable location like logs/foobar, populated with a list of process IDs. The attacker then supplies a crafted model_name (e.g., "logs/foobar" or path-traversed equivalents) to trigger the endpoint, causing the server to kill all listed processes. By including hundreds of process IDs, the attacker induces widespread process termination, including Applio's own processes and potentially other critical system processes, resulting in effective DoS.

The GitHub Security Lab advisory (GHSL-2024-354) details the flaw with references to specific code lines in restart.py (L9) and train.py (L306), but as of publication on 2025-03-19, no patches or mitigations are available for Applio.

Applio's role as a voice conversion tool suggests relevance to AI/ML workflows, where model training and process management are common, heightening the risk in shared or exposed development environments. No real-world exploitation has been reported.