CVE-2025-43844
Published: 05 May 2025
Summary
CVE-2025-43844 is a high-severity Command Injection (CWE-77) vulnerability in Rvc-Project Retrieval-Based-Voice-Conversion-Webui. Its CVSS base score is 8.9 (High).
Operationally, it ranks in the top 11.8% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.
Deeper analysis
Retrieval-based-Voice-Conversion-WebUI, a voice conversion framework based on VITS, is affected by a command injection vulnerability in versions 2.2.231006 and earlier. The issue occurs because user-controlled variables such as exp_dir1 are passed directly into the click_train function, which concatenates them into a shell command executed on the server, enabling arbitrary command execution. The flaw is tracked as CWE-77 and carries a CVSS 4.0 score of 8.9.
Unauthenticated remote attackers can exploit the vulnerability over the network by supplying crafted input to the affected web interface endpoints. Successful exploitation grants full control over the server, allowing arbitrary code execution with impacts to confidentiality, integrity, and availability.
The referenced GitHub Security Lab advisory (GHSL-2025-012 through GHSL-2025-022) and source code links confirm the injection paths in infer-web.py but note that no patches were available at the time of publication. The associated EPSS score remains flat at 0.0367 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-13514
Vulnerability details
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to command injection. The variables exp_dir1, among others, take user input and pass it to the click_train function, which concatenates them into a command that is run on the server. This can lead to arbitrary command execution. As of time of publication, no known patches exist.
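As an added illustration (constructed here, not code from infer-web.py or the project), the string-concatenation shape described in the analysis and details sections above sits beside a hardened builder that allowlists the exp_dir1 value, confines it under a fixed logs root, and passes an argv list so no shell ever parses it; the train.py script, the /srv/rvc/logs root and the flags are assumptions.

```python
import re
import subprocess
from pathlib import Path

# Vulnerable shape (constructed, not infer-web.py): the experiment name from the
# web form is concatenated into one string that a shell later parses, so any
# shell metacharacter in exp_dir1 changes what the shell runs.
def build_train_cmd_vulnerable(exp_dir1: str) -> str:
    return "python train.py -e " + exp_dir1 + " -sr 40k"

# Hardened shape: strict allowlist on the name, confinement under a fixed logs
# root (hypothetical path), and an argv list so no shell ever sees the value.
EXP_NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")
LOGS_ROOT = Path("/srv/rvc/logs").resolve()

def validate_exp_dir(exp_dir1: str) -> Path:
    if not EXP_NAME_RE.fullmatch(exp_dir1):
        raise ValueError("experiment name contains disallowed characters")
    target = (LOGS_ROOT / exp_dir1).resolve()
    if target.parent != LOGS_ROOT:  # defence in depth against '..' or absolute paths
        raise ValueError("experiment directory escapes the logs root")
    return target

def is_safe_exp_name(exp_dir1: str) -> bool:
    try:
        validate_exp_dir(exp_dir1)
        return True
    except ValueError:
        return False

def build_train_argv(exp_dir1: str) -> list:
    # Each argv element reaches execve as-is: ';', '|' or '$(...)' would arrive
    # at train.py as literal bytes, never be interpreted (and the allowlist
    # rejects them before this point anyway).
    return ["python", "train.py", "-e", str(validate_exp_dir(exp_dir1)), "-sr", "40k"]

def run_train(exp_dir1: str) -> subprocess.CompletedProcess:
    # shell=False is the default when subprocess.run receives a list.
    return subprocess.run(build_train_argv(exp_dir1), check=True, capture_output=True)

if __name__ == "__main__":
    for name in ("voice_v1", "voice; id", "../escape"):
        print(f"{name!r}: safe={is_safe_exp_name(name)}")
```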
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.