CVE-2024-39685 - Vulnerability Details

- fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function

Description

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier.

Published: 2024-07-22

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

FishAudio

Bert-VITS2

affected

Version	Status	Constraints
`<= 2.3`	affected	—

Configuration 1 [-]

cpe:2.3:a:fish.audio:bert-vits2:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-38187	Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00239.

Exploitation poc

Automatable yes

Technical Impact total

References

Link	Providers
https://github.com/fishaudio/Bert-VITS2/blob/3f8c537f4aeb281df3fb3c455eed9a1b64871a81/webui_preprocess.py#L46-L52
https://github.com/fishaudio/Bert-VITS2/blob/76653b5b6d657143721df2ed6c5c246b4b1d9277/webui_preprocess.py#L130-L133
https://securitylab.github.com/advisories/GHSL-2024-045_GHSL-2024-047_fishaudio_Bert-VITS2/

History

Wed, 11 Sep 2024 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fish.audio Fish.audio bert-vits2
CPEs		cpe:2.3:a:fish.audio:bert-vits2::::::::
Vendors & Products		Fish.audio Fish.audio bert-vits2

Subscriptions

Fish.audio Bert-vits2

Fishaudio Bert-vits2

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-22T15:13:06.926Z

Updated: 2024-08-02T04:26:15.950Z

Reserved: 2024-06-27T18:44:13.035Z

Link: CVE-2024-39685

Vulnrichment

Updated: 2024-07-22T16:07:48.887Z

NVD

Status : Modified

Published: 2024-07-22T16:15:03.417

Modified: 2024-11-21T09:28:13.100

Link: CVE-2024-39685

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-78

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation poc

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object