A vulnerability was found in FishAudio Bert-VITS2 up to 2.3. It has been declared as critical. Affected by this vulnerability is the function
generate_config
of the file /config/config.json. The manipulation of the argument data_dir leads to path traversal.
This vulnerability is known as CVE-2024-39688. The attack can be launched remotely. There is no exploit available.