AVID-2026-R1672
Description
Applio allows SSRF and file write in model_download.py (CVE-2025-27775)
Details
Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery (SSRF) and file write in model_download.py (line 143 in 3.2.7). The blind SSRF allows requests to be sent on behalf of the Applio server and can be leveraged to probe for other vulnerabilities on the server itself or on other back-end systems on the internal network that the Applio server can reach. The file write allows files to be written on the server, which can be coupled with other vulnerabilities, for example an unsafe deserialization, to achieve remote code execution on the Applio server. As of the time of publication, no known patches are available.
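The two weaknesses described above are both reachable through a user-supplied download URL and destination file name. The following is an added example (not Applio's own code) of the input checks a model-download endpoint can apply to close them; the allowed host and extension sets are placeholder assumptions.

```python
# Added example (not Applio's own code): checks a model-download endpoint
# can apply to a user-supplied URL and destination file name.
import ipaddress
import os
from urllib.parse import urlsplit

# Assumption: allowed hosts and file types are a deployment decision; the
# values below are placeholders.
ALLOWED_HOSTS = {"huggingface.co"}
ALLOWED_EXTENSIONS = {".zip", ".pth", ".index"}


def validate_download_url(url: str) -> str:
    """Return url if the server may fetch it, else raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("only https:// URLs with a host are allowed")
    try:  # IP literals (loopback, link-local, RFC 1918, ...) are never fetched
        ipaddress.ip_address(parts.hostname)
    except ValueError:
        pass  # a host name; the allowlist decides below
    else:
        raise ValueError("IP-literal hosts are not allowed")
    if parts.hostname not in ALLOWED_HOSTS:  # hostname is already lowercased
        raise ValueError(f"host {parts.hostname!r} is not in the allowlist")
    # Caveat: an allowlisted name can still resolve to an internal address
    # (DNS rebinding); re-check the resolved IP at connect time as well.
    return url


def resolve_model_path(models_dir: str, filename: str) -> str:
    """Return an absolute path inside models_dir, else raise ValueError."""
    # Only a bare file name passes: no separators, traversal or absolute paths.
    if os.path.basename(filename) != filename or filename in ("", ".", ".."):
        raise ValueError("filename must be a bare file name")
    if os.path.splitext(filename)[1].lower() not in ALLOWED_EXTENSIONS:
        raise ValueError("unexpected file extension")
    base = os.path.realpath(models_dir)
    dest = os.path.realpath(os.path.join(base, filename))
    if os.path.commonpath([base, dest]) != base:  # guards a symlinked entry
        raise ValueError("destination escapes the models directory")
    return dest


def is_allowed(url: str, models_dir: str, filename: str) -> bool:
    try:  # True only when both the URL and the destination pass the checks
        validate_download_url(url)
        resolve_model_path(models_dir, filename)
        return True
    except ValueError:
        return False
```

The allowlist check stops the blind SSRF at the URL, and the bare-name plus realpath check confines the written file to the models directory; neither check replaces validating the downloaded archive before it is loaded.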
Reason for inclusion in AVID: CVE-2025-27775 targets Applio, a voice conversion tool, exposing SSRF and file write (via model_download.py) with potential for remote code execution. The vulnerability centers on model management/download functionality, which is part of AI-related tooling used in ML pipelines. This constitutes a software supply chain issue within AI systems (dependencies/model assets/runtimes involved in model download and deployment). The report provides explicit impact (SSRF, file write, potential RCE) and references, supporting evidence-based classification.
References
- NVD entry
- https://securitylab.github.com/advisories/GHSL-2024-341_GHSL-2024-353_Applio/
- https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/assets/flask/routes.py#L14
- https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/rvc/lib/tools/model_download.py#L156
- https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/rvc/lib/tools/model_download.py#L169-L171
- https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/tabs/download/download.py#L192-L196
Affected or Relevant Artifacts
- Developer: IAHispano
- Deployer: IAHispano
- Artifact Details:
| Type | Name |
|---|---|
| System | Applio |
Impact
AVID Taxonomy Categorization
- Risk domains: Security
- SEP subcategories: S0100: Software Vulnerability
- Lifecycle stages: L06: Deployment
CWE
| ID | Description |
|---|---|
| CWE-918 | CWE-918: Server-Side Request Forgery (SSRF) |
Other information
- Report Type: Advisory
- Credits:
- Date Reported: 2025-03-19
- Version: 0.3.3
- AVID Entry