Vulnerability Description
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the bert_gen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fishaudio | Bert-Vits2 | <= 2.3 |
Related Weaknesses (CWE)
References
- https://github.com/fishaudio/Bert-VITS2/blob/3f8c537f4aeb281df3fb3c455eed9a1b648Issue Tracking
- https://github.com/fishaudio/Bert-VITS2/blob/76653b5b6d657143721df2ed6c5c246b4b1Issue Tracking
- https://securitylab.github.com/advisories/GHSL-2024-045_GHSL-2024-047_fishaudio_ExploitThird Party Advisory
- https://github.com/fishaudio/Bert-VITS2/blob/3f8c537f4aeb281df3fb3c455eed9a1b648Issue Tracking
- https://github.com/fishaudio/Bert-VITS2/blob/76653b5b6d657143721df2ed6c5c246b4b1Issue Tracking
- https://securitylab.github.com/advisories/GHSL-2024-045_GHSL-2024-047_fishaudio_ExploitThird Party Advisory
FAQ
What is CVE-2024-39686?
CVE-2024-39686 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the data_dir variable is used directly in a command executed with subprocess.run(cmd, shell=True) in the bert_gen functi...
How severe is CVE-2024-39686?
CVE-2024-39686 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2024-39686?
Check the references section above for vendor advisories and patch information. Affected products include: Fishaudio Bert-Vits2.