CVE-2024-39688 | FishAudio Bert-VITS2 up to 2.3 /config/config.json generate_config data_dir path traversal (GHSL-2024-045)

Inserito da Angelo Barbosa | Lug 22, 2024 | CVE

A vulnerability was found in FishAudio Bert-VITS2 up to 2.3. It has been declared as critical. Affected by this vulnerability is the function generate_config of the file /config/config.json. The manipulation of the argument data_dir leads to path traversal.

This vulnerability is known as CVE-2024-39688. The attack can be launched remotely. There is no exploit available.

CVE-2024-39688 | FishAudio Bert-VITS2 up to 2.3 /config/config.json generate_config data_dir path traversal (GHSL-2024-045)

Post correlati

CVE-2024-30376 | Famatech Advanced IP Scanner uncontrolled search path

CVE-2024-4424 | CEMI Tomasz Pawełek CemiPark 4.5/4.7/5.03 cross site scripting

CVE-2024-24704 | AddonMaster Load More Anything Plugin up to 3.3.3 on WordPress authorization

CVE-2024-1017 | Gabriels FTP Server 1.2 USERNAME denial of service (ID 176714)