🛡️ CVE-2025-27787
🟠 CVSS 7.5 — High ⚠️ Exploit Public CWE-22 NVD
7.5
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to denial of service (DoS) in restart.py. `model_name` in train.py takes user input, and passes it to the `stop_train` function in restart.py, which uses it construct a path to a folder with `config.json`. That `config.json` is opened and the list of values under "process_pids" are read. Next all the process IDs listed in the JSON are killed. Using one of the arbitrary file writes, one can write to `logs/foobar` a `config.json` file, which contains a list of process IDs. Then one can access this endpoint to kill these processes. Since an attacker can't know what process is running on which process ID, they can send a list of hundreds of process IDs, which can kill the process that applio is using to run, as well as other, potentially important processes, which leads to DoS. Note that constructing a path with user input also enables path traversal. For example, by supplying "../../" in `model_name` one can access `config.json` freom locations two folders down on the server. As of time of publication, no known patches are available.

Details

Severity HIGH
CVSS Score 7.5
CVSS Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE CWE-22
Public Exploit ⚠️ Yes
Source NVD
Published 2025-03-19
Updated 2026-06-02
Modified 2025-08-01
Fix URL N/A

Affected Packages

Software From version Fixed in
applio 3.2.8-bugfix

Similar Threats

Patch Gap Protection

Running software with known vulnerabilities?

BotEraser can help reduce exposure by blocking IPs associated with exploit activity — even before a patch is available.

Start Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.