CVE-2026-27897 Overview
CVE-2026-27897 is a critical directory traversal vulnerability affecting Vociferous, a cross-platform offline speech-to-text application with local AI refinement capabilities. The vulnerability exists in the src/api/system.py file within the export_file route, where insufficient validation of user-supplied filenames allows attackers to write arbitrary files to any location accessible by the application's user permissions.
The application accepts a JSON payload containing a filename and content through an unauthenticated API endpoint. While the developer intended for a native UI dialog to handle file path selection, the API itself lacks proper validation of the filename parameter. Combined with an overly permissive CORS configuration (allow_origins=["*"] or allowing localhost), external attackers can bypass the UI entirely and exploit this vulnerability remotely.
Critical Impact
Unauthenticated attackers can achieve arbitrary file write capabilities on the target system by using directory traversal sequences (../) to escape the intended directory, potentially leading to remote code execution, data corruption, or complete system compromise.
Affected Products
- Vociferous versions prior to 4.4.2
- Systems running Vociferous with network-accessible API endpoints
- Deployments with permissive CORS configurations
Discovery Timeline
- 2026-03-11 - CVE-2026-27897 published to NVD
- 2026-03-12 - Last updated in NVD database
Technical Details for CVE-2026-27897
Vulnerability Analysis
This directory traversal vulnerability (CWE-22) represents a fundamental failure in input validation within the Vociferous application's file export functionality. The vulnerable endpoint accepts arbitrary filename strings without sanitization, allowing attackers to use path traversal sequences to write files outside the intended directory structure.
The core issue stems from a design assumption that all file operations would be mediated by the native UI file dialog. However, since the underlying API is directly accessible and lacks authentication, attackers can craft malicious requests that bypass the intended user interface entirely.
The overly permissive CORS policy exacerbates this vulnerability significantly. By allowing all origins or localhost connections, the application enables cross-origin requests that can be initiated from malicious websites, effectively turning any browser visit into a potential attack vector against local Vociferous installations.
Root Cause
The root cause is improper input validation in the export_file route handler located in src/api/system.py. The application fails to sanitize or validate the filename parameter from the JSON payload before passing it to filesystem operations. This allows directory traversal sequences such as ../ to be processed, enabling file writes to arbitrary locations within the user's permission scope.
Additionally, the lack of authentication on the API endpoint and the permissive CORS configuration in app.py compound the severity by allowing remote exploitation without any user interaction beyond visiting a malicious webpage.
Attack Vector
The attack is network-based and requires no authentication or user privileges. An attacker can exploit this vulnerability by sending a crafted HTTP request to the export_file endpoint with a malicious filename containing directory traversal sequences.
The attack flow typically involves:
- Identifying a target system running a vulnerable Vociferous instance with an accessible API
- Crafting a JSON payload with a filename containing path traversal sequences (e.g., ../../../etc/cron.d/malicious)
- Sending the payload to the export_file endpoint to write arbitrary content to the target location
- Depending on the target file location, achieving code execution, persistence, or data manipulation
The vulnerability can be triggered remotely through cross-origin requests due to the permissive CORS policy, meaning an attacker could host a malicious webpage that automatically exploits any visitor's local Vociferous installation.
Detection Methods for CVE-2026-27897
Indicators of Compromise
- Unexpected file creations or modifications in system directories or user home directories
- HTTP requests to the /export_file or similar API endpoints containing ../ sequences in JSON payloads
- Web server logs showing requests with path traversal patterns in request bodies
- Suspicious cross-origin requests originating from unknown external domains
Detection Strategies
- Implement web application firewall (WAF) rules to detect and block requests containing directory traversal sequences in JSON payloads
- Monitor API access logs for requests to the export_file endpoint from unexpected origins or with suspicious payload patterns
- Deploy file integrity monitoring (FIM) on critical system directories to detect unauthorized file writes
- Use network traffic analysis to identify cross-origin requests targeting local Vociferous API endpoints
Monitoring Recommendations
- Enable detailed logging for all API endpoints in Vociferous, particularly file operation routes
- Configure alerts for any file write operations outside the designated export directory
- Monitor for unusual process behavior following file writes, which may indicate successful exploitation leading to code execution
- Review CORS-related headers in outbound responses to identify overly permissive configurations
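The log-based checks listed above (traversal sequences in export_file payloads, requests from unexpected origins), as an added detection example that is not part of the advisory or of Vociferous. It assumes a structured access log with one JSON record per line, the request body captured as a nested object, and that the application's own UI is served from http://localhost:8000; the sample log lines are constructed.

```python
import json
from urllib.parse import unquote

# Assumption: the bundled UI is served from this origin; any other Origin is unexpected.
ALLOWED_ORIGINS = {"http://localhost:8000"}
EXPORT_ROUTE = "export_file"  # route name from the advisory; the full path prefix is unknown

# Constructed sample access log: one JSON record per line, request body captured as an object.
SAMPLE_LOG = """\
{"ts":"2026-03-12T09:00:01Z","path":"/export_file","origin":"http://localhost:8000","body":{"filename":"meeting.txt","content":"ok"}}
{"ts":"2026-03-12T09:00:07Z","path":"/export_file","origin":"http://localhost:8000","body":{"filename":"../../outside.txt","content":"x"}}
{"ts":"2026-03-12T09:00:09Z","path":"/export_file","origin":"https://unknown-site.example","body":{"filename":"..%2F..%2Fescaped.txt","content":"x"}}
{"ts":"2026-03-12T09:00:11Z","path":"/transcribe","origin":"http://localhost:8000","body":{"lang":"en"}}
{"ts":"2026-03-12T09:00:15Z","path":"/export_file","origin":"https://unknown-site.example","body":{"filename":"harmless.txt","content":"x"}}
"""

def looks_like_traversal(filename: str) -> bool:
    # Decode twice so "%2e%2e" and double-encoded "%252e%252e" are both caught, treat
    # backslashes as separators, then flag a ".." segment, an absolute path or an embedded NUL.
    decoded = unquote(unquote(filename))
    parts = decoded.replace("\\", "/").split("/")
    return ".." in parts or decoded.startswith(("/", "\\")) or "\x00" in decoded

def scan_export_log(log_text: str) -> list:
    """Return one finding per suspicious export_file request, with the reasons it was flagged."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if EXPORT_ROUTE not in rec.get("path", ""):
            continue  # only file-export requests are in scope here
        body = rec.get("body") or {}
        name = body.get("filename") if isinstance(body, dict) else None
        reasons = []
        if isinstance(name, str) and looks_like_traversal(name):
            reasons.append("traversal sequence in filename")
        origin = rec.get("origin")
        if origin and origin not in ALLOWED_ORIGINS:
            reasons.append(f"unexpected origin {origin}")
        if reasons:
            findings.append({"ts": rec["ts"], "filename": name, "reasons": reasons})
    return findings
```

A request from an unknown origin is flagged even when its filename is clean, since the advisory's cross-origin vector does not depend on the filename being malformed on every request.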
How to Mitigate CVE-2026-27897
Immediate Actions Required
- Upgrade Vociferous to version 4.4.2 or later immediately
- If an immediate upgrade is not possible, bind the Vociferous API to localhost only and block external access to it with firewall rules
- Review and restrict the CORS configuration to allow only trusted origins
- Audit systems for any unauthorized file modifications that may indicate prior exploitation
Patch Information
The vulnerability has been fixed in Vociferous version 4.4.2. Users should upgrade to this version or later to remediate the vulnerability. The fix implements proper input validation on the filename parameter and restricts the CORS policy. For detailed information about the security fix, refer to the GitHub Security Advisory.
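The root cause and the fix described above, as an added example that is not Vociferous's own code and is not taken from the 4.4.2 patch. It contrasts the unchecked join the advisory describes with a hardened handler for a route shaped like export_file (JSON body with filename and content). The export directory, the allowed extensions and the function names are assumptions.

```python
import json
import re
import tempfile
from pathlib import Path

# Stand-in for the application's export directory (assumption: a temp dir, so the
# example runs anywhere without touching real user files).
EXPORT_ROOT = Path(tempfile.mkdtemp(prefix="vociferous-exports-")).resolve()
# Allow-list for the client-supplied name: no separators, no leading dot, bounded length.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._ -]{0,127}")
ALLOWED_SUFFIXES = {".txt", ".md", ".srt", ".json"}  # assumed export formats

class UnsafeFilename(ValueError):
    """Raised when a client-supplied filename fails validation."""

def unsafe_export_path(filename: str) -> Path:
    # The pattern the advisory describes: the JSON "filename" is joined onto the
    # export directory unchecked, so "../" segments walk out of EXPORT_ROOT.
    return EXPORT_ROOT / filename

def safe_export_path(filename: str) -> Path:
    # 1. Syntactic allow-list: rejects "/", "\\", NUL, "..", hidden and empty names.
    if not SAFE_NAME.fullmatch(filename) or ".." in filename:
        raise UnsafeFilename(f"rejected filename: {filename!r}")
    if Path(filename).suffix.lower() not in ALLOWED_SUFFIXES:
        raise UnsafeFilename(f"disallowed extension: {filename!r}")
    # 2. Containment check as defense in depth: even if the allow-list were
    #    loosened later, the resolved target must still lie inside EXPORT_ROOT.
    target = (EXPORT_ROOT / filename).resolve()
    try:
        target.relative_to(EXPORT_ROOT)
    except ValueError as exc:
        raise UnsafeFilename(f"path escapes export root: {filename!r}") from exc
    return target

def handle_export(payload: str) -> Path:
    # Hardened body for a route like export_file (shape assumed): parse
    # {"filename": ..., "content": ...}, validate the name, then write inside EXPORT_ROOT.
    body = json.loads(payload)
    filename, content = body.get("filename"), body.get("content")
    if not isinstance(filename, str) or not isinstance(content, str):
        raise UnsafeFilename("filename and content must be strings")
    target = safe_export_path(filename)
    target.write_text(content, encoding="utf-8")
    return target
```

Restricting the CORS allow-list (the second half of the fix) is a separate change in app.py and is not shown here.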
Workarounds
- Restrict network access to the Vociferous API using host-based firewall rules to prevent remote exploitation
- Configure a reverse proxy in front of the application to filter requests containing path traversal sequences
- Modify the CORS configuration in app.py to restrict allowed origins to trusted domains only
- Consider running Vociferous in a sandboxed environment or container with limited filesystem access
# Example firewall rule to restrict API access (Linux iptables)
# Block external access to Vociferous default port (8000); only loopback traffic is accepted.
# Rules are appended (-A), so an earlier ACCEPT rule in the INPUT chain would take precedence,
# and they do not survive a reboot unless saved (e.g. with iptables-save).
iptables -A INPUT -p tcp --dport 8000 -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 8000 -j DROP
# IPv4 only: if the API also listens on an IPv6 address, add matching ip6tables rules.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.