CVE-2025-27783
Published: 19 March 2025
Summary
CVE-2025-27783 is a critical-severity Path Traversal (CWE-22) vulnerability in Applio. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 5.3% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): input validation directly prevents the path traversal in train.py that enables arbitrary file writes.
- SI-2 (Flaw Remediation): flaw remediation requires timely identification and patching of the arbitrary file write vulnerability in train.py and related components.
- Least Privilege: restricting the Applio process's filesystem access permissions limits the scope and impact of an arbitrary file write.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A remote, unauthenticated arbitrary file write against a public-facing Applio server (Exploit Public-Facing Application, T1190), chained with unsafe deserialization to obtain Python-based remote code execution (Command and Scripting Interpreter: Python, T1059.006).
NVD Description
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in train.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of time of publication, no known patches are available.
Deeper analysis
CVE-2025-27783 is an arbitrary file write vulnerability (CWE-22) in Applio, an open-source voice conversion tool. It affects versions 3.2.8-bugfix and prior, specifically within the train.py component. The flaw enables attackers to write arbitrary files on the Applio server and can be chained with an unsafe deserialization issue to achieve remote code execution. The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical.
Remote, unauthenticated attackers can exploit this vulnerability over the network with low attack complexity and no user interaction. By reaching the affected train.py code paths, they can create or overwrite files at arbitrary locations on the server, which can lead to full system compromise when combined with the deserialization flaw for remote code execution.
The GitHub Security Lab advisories (GHSL-2024-341 and GHSL-2024-353) locate the issue in train.py lines 212-225 and 484-491, as well as inference.py line 295. As of the CVE publication on 2025-03-19, no patches are available, so users are left to mitigate by avoiding vulnerable versions or restricting network access to Applio servers.
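As an added illustration of the SI-10 input validation control for this bug class (example code written for this page, not Applio's train.py, whose internals are not shown here), the following Python contrasts a weak prefix-based path check with a containment check that resolves the path and compares whole components; the base directory, file names and function names are assumptions.

```python
import os

# Assumed base directory under which training artefacts may be written;
# Applio's real layout is not described on the page.
BASE_DIR = "/srv/applio/logs"


class PathTraversalError(ValueError):
    """Raised when a user-supplied path would leave the allowed directory."""


def naive_is_safe(base_dir: str, user_path: str) -> bool:
    """Constructed weak check: a plain string-prefix test (a common mistake)."""
    base = os.path.realpath(base_dir)
    return os.path.realpath(os.path.join(base, user_path)).startswith(base)


def safe_join(base_dir: str, user_path: str) -> str:
    """Return an absolute path confined to base_dir, or raise PathTraversalError."""
    base = os.path.realpath(base_dir)
    # An absolute user path would replace the base in os.path.join; refuse it.
    if os.path.isabs(user_path):
        raise PathTraversalError(f"absolute path rejected: {user_path!r}")
    # NUL bytes can truncate the name in lower-level open() calls; refuse them.
    if "\0" in user_path:
        raise PathTraversalError("NUL byte in path")
    # realpath collapses '..' segments and follows symlinks before the check.
    candidate = os.path.realpath(os.path.join(base, user_path))
    # commonpath compares whole components, so '/srv/applio/logs' does not
    # accidentally accept '/srv/applio/logs_evil/...' as the prefix test would.
    if os.path.commonpath([base, candidate]) != base:
        raise PathTraversalError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_safe(base_dir: str, user_path: str) -> bool:
    """Boolean wrapper around safe_join for quick comparisons."""
    try:
        safe_join(base_dir, user_path)
        return True
    except PathTraversalError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: a normal name, two traversal attempts and an
    # absolute path. Only the prefix check wrongly accepts the sibling escape.
    for p in ["run1/G_1000.pth", "../../etc/passwd", "../logs_evil/x", "/etc/passwd"]:
        print(f"{p!r:24} naive={naive_is_safe(BASE_DIR, p)!s:5} safe={is_safe(BASE_DIR, p)}")
```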
Details
- CWE(s)