CVE-2025-27787

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to denial of service (DoS) in restart.py. model_name in train.py takes user input, and passes it to the stop_train function in restart.py, which uses it construct a path to a folder with config.json. That config.json is opened and the list of values under "process_pids" are read. Next all the process IDs listed in the JSON are killed. Using one of the arbitrary file writes, one can write to logs/foobar a config.json file, which contains a list of process IDs. Then one can access this endpoint to kill these processes. Since an attacker can't know what process is running on which process ID, they can send a list of hundreds of process IDs, which can kill the process that applio is using to run, as well as other, potentially important processes, which leads to DoS. Note that constructing a path with user input also enables path traversal. For example, by supplying "../../" in model_name one can access config.json freom locations two folders down on the server. As of time of publication, no known patches are available.