CVE-2025-27786
Published: 19 March 2025
Summary
CVE-2025-27786 is a high-severity Path Traversal (CWE-22) vulnerability in the Applio voice conversion tool (vendor: Applio). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 22.6% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).
Deeper analysis
Applio, an open-source voice conversion tool, is affected by an arbitrary file deletion vulnerability in versions 3.2.8-bugfix and earlier. The flaw stems from insufficient input validation in the text-to-speech workflow: tts.py accepts an attacker-controlled value for output_tts_path and forwards it to run_tts_script in core.py, which performs an existence check followed by an unconditional removal of the supplied path. This constitutes a classic path traversal issue tracked as CWE-22.
An unauthenticated remote attacker can supply an arbitrary filesystem path through the TTS interface and cause the application to delete any file the process has permission to remove, resulting in high-impact integrity and availability consequences without requiring user interaction.
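The pattern described above (an existence check followed by unconditional removal of a caller-supplied path) next to a hardened variant that confines removals to an output directory. This is an added illustration, not Applio's code: `remove_output_unsafe`, `resolve_within`, `remove_output_safe` and the temp-directory scenario in `demo` are all constructed here.

```python
import os
import tempfile

# Hypothetical reconstruction of the insecure pattern the advisory describes
# (existence check, then unconditional removal). Not Applio's actual code.
def remove_output_unsafe(output_tts_path: str) -> bool:
    if os.path.exists(output_tts_path):
        os.remove(output_tts_path)
        return True
    return False

def resolve_within(base_dir: str, user_path: str) -> str:
    """Canonical path of user_path, only if it lies inside base_dir; else ValueError."""
    base = os.path.realpath(base_dir)
    # Join then canonicalise: collapses '..' segments and follows symlinks.
    # An absolute user_path survives join() unchanged and is still checked below.
    candidate = os.path.realpath(os.path.join(base, user_path))
    # commonpath is a real prefix test; startswith() would wrongly accept
    # '/srv/app/outputs_evil' when base is '/srv/app/outputs'.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes output directory: {user_path!r}")
    return candidate

def remove_output_safe(base_dir: str, output_tts_path: str) -> bool:
    """Hardened replacement: only regular files inside base_dir can be removed."""
    target = resolve_within(base_dir, output_tts_path)
    if os.path.isfile(target):   # refuse directories and special files
        os.remove(target)
        return True
    return False

def demo() -> dict:
    """Constructed scenario in a temp dir; reports which removals succeeded."""
    root = tempfile.mkdtemp()
    outputs = os.path.join(root, "outputs")
    os.mkdir(outputs)
    victim = os.path.join(root, "config.json")   # file outside the output dir
    open(victim, "w").close()
    open(os.path.join(outputs, "speech.wav"), "w").close()
    results = {}
    results["unsafe_deleted_victim"] = remove_output_unsafe(victim)  # traversal wins
    open(victim, "w").close()   # recreate the file for the hardened attempt
    try:
        remove_output_safe(outputs, "../config.json")
        results["safe_deleted_victim"] = True
    except ValueError:
        results["safe_deleted_victim"] = False
    results["safe_deleted_legit"] = remove_output_safe(outputs, "speech.wav")
    results["victim_still_exists"] = os.path.exists(victim)
    return results
```

Running `demo()` shows the unsafe variant deleting the out-of-tree file while the hardened variant rejects `../config.json` and still removes a legitimate output.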
The referenced GitHub Security Lab advisory (GHSL-2024-341) and the linked source files document the vulnerable code paths in detail. At the time of disclosure no official patches were available for the affected versions.
EPSS scores have remained low and stable near 0.01 with only a negligible peak, indicating limited observed exploitation interest to date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6796
Vulnerability details
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file removal in core.py. `output_tts_path` in tts.py takes arbitrary user input and passes it to the `run_tts_script` function in core.py, which checks if the path in `output_tts_path` exists, and if yes, removes that path, which leads to arbitrary file removal. As of time of publication, no known patches are available.
- CWE(s): CWE-22 (Path Traversal)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote unauthenticated path traversal in the public-facing TTS functionality maps directly to Exploit Public-Facing Application (T1190), and the resulting arbitrary file deletion maps to Indicator Removal: File Deletion (T1070.004).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly prevents path traversal exploits by requiring validation of arbitrary user inputs such as output_tts_path before they are passed to file removal functions in core.py.
- AC-6 (Least Privilege): mitigates the impact of arbitrary file deletion by enforcing least privilege on the application process, limiting its permission to delete sensitive or system files.
- SI-2 (Flaw Remediation): addresses the root cause through timely flaw remediation, including patching the insecure path handling in tts.py and core.py.