CVE-2024-5751

Published: 2024-06-27 19:15:16
Reported via: @huntr_ai
Weakness: CWE-94 (Improper Control of Generation of Code, "Code Injection")
Source: web.nvd.nist.gov

Keywords: berriai/litellm v1.35.8, remote code execution, add_deployment function, base64, os.environ, config/update endpoint, get_secret function, Google KMS, database

CVSS 3.1 base score: 9.8 (Critical)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  Attack Vector:          Network
  Attack Complexity:      Low
  Privileges Required:    None
  User Interaction:       None
  Scope:                  Unchanged
  Confidentiality Impact: High
  Integrity Impact:       High
  Availability Impact:    High

AI Score: 9.7 (confidence: High)
EPSS: 0.001 (estimated probability of exploitation activity in the next 30 days), percentile 40.4%

BerriAI/litellm version v1.35.8 contains a vulnerability through which an attacker can achieve remote code execution. The flaw is in the add_deployment function, which base64-decodes and decrypts environment variables supplied in a request and assigns them to os.environ without validating them. An attacker can exploit this by sending a malicious payload to the /config/update endpoint; the injected value is later processed and executed by the server when the get_secret function is triggered, which is why the issue is classified as CWE-94 code injection. Exploitation requires that the server be configured to use Google KMS and a database to store the model.
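The description gives the shape of the bug (untrusted base64 value lands in the environment, is later evaluated) but not the code path. The following is an added illustrative model, not litellm's code and not a reproduction of the reported exploit. It assumes that the update body carries base64-encoded environment variables under an "environment_variables" key, omits the Google KMS decryption step (treated as identity), and models the execution sink as a Python eval() on the stored value; all function names, the payload and the dict standing in for os.environ are constructed for the example. The hardened half shows the checks a practitioner would want: authenticate the caller, constrain variable names, decode strictly, and never evaluate configuration as code.

```python
"""
Added illustrative model of the CWE-94 pattern described for CVE-2024-5751.
NOT litellm's code. Assumptions: update body carries base64 env values under
"environment_variables"; KMS decryption is omitted (identity); the execution
sink is MODELLED as eval() on the stored value. A plain dict stands in for
os.environ so the demo never touches the real process environment.
"""
import ast
import base64
import binascii
import re

# Environment variable names we are willing to set: upper-case identifiers only.
ENV_KEY_RE = re.compile(r"^[A-Z][A-Z0-9_]{0,63}$")


class ConfigError(ValueError):
    """Raised when an update body fails validation."""


def b64(text: str) -> str:
    """Helper for building the constructed sample payloads below."""
    return base64.b64encode(text.encode()).decode()


# Constructed sample body: the "secret" is a Python expression, not a credential.
MALICIOUS_PAYLOAD = {
    "environment_variables": {
        "OPENAI_API_KEY": b64("__import__('math').factorial(5)"),
    }
}


# ---- vulnerable pattern, as the advisory describes it ----------------------

def add_deployment_vulnerable(env: dict, body: dict) -> None:
    """Decode and assign without checking who sent it or what it contains."""
    for name, value in body.get("environment_variables", {}).items():
        env[name] = base64.b64decode(value).decode()


def get_secret_vulnerable(env: dict, name: str):
    """Modelled sink (assumption): the stored string is evaluated as Python."""
    return eval(env[name])  # noqa: S307  deliberately unsafe for the demo


# ---- hardened pattern ------------------------------------------------------

def decode_env_value(encoded: str) -> str:
    """Strict base64 -> printable UTF-8 text, or ConfigError."""
    try:
        raw = base64.b64decode(encoded, validate=True)
    except (binascii.Error, ValueError) as exc:
        raise ConfigError(f"value is not valid base64: {exc}") from None
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        raise ConfigError("decoded value is not UTF-8") from None
    if not text.isprintable():
        raise ConfigError("decoded value contains control characters")
    return text


def add_deployment_hardened(env: dict, body: dict, caller_is_admin: bool) -> None:
    """Authenticate the caller, constrain names, decode strictly."""
    if not caller_is_admin:
        raise PermissionError("config updates require an authenticated admin")
    for name, value in body.get("environment_variables", {}).items():
        if not ENV_KEY_RE.match(name):
            raise ConfigError(f"rejected environment variable name {name!r}")
        env[name] = decode_env_value(value)


def get_secret_hardened(env: dict, name: str):
    """Return the stored value; parse only plain literals, never execute code."""
    value = env[name]
    try:
        parsed = ast.literal_eval(value)          # "True", "42": fine; calls: ValueError
    except (ValueError, SyntaxError):
        return value                              # ordinary string, returned as-is
    return parsed if isinstance(parsed, (bool, int, float, str)) else value


# ---- demo ------------------------------------------------------------------

def demo_vulnerable():
    env = {}
    add_deployment_vulnerable(env, MALICIOUS_PAYLOAD)
    return get_secret_vulnerable(env, "OPENAI_API_KEY")   # 120: the payload ran


def demo_hardened():
    env = {}
    add_deployment_hardened(env, MALICIOUS_PAYLOAD, caller_is_admin=True)
    return get_secret_hardened(env, "OPENAI_API_KEY")     # the raw string, unexecuted


if __name__ == "__main__":
    print("vulnerable path returned:", demo_vulnerable())
    print("hardened path returned:  ", demo_hardened())
```

The point of the hardened get_secret is that a secret is data: if some values legitimately need to be booleans or numbers, parse them with a literal-only parser and an explicit type allowlist, never with eval. The admin check is the other half; an endpoint that rewrites the process environment should never be reachable without privileges, whatever the eventual sink looks like.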

Affected configurations

NVD / Vulnrichment CPE match:

  Vendor   Product  Version  CPE
  litellm  litellm  1.35.8   cpe:2.3:a:litellm:litellm:1.35.8:*:*:*:*:*:*:*

Note that the NVD configuration pins only 1.35.8 (the version the report was made against), while the CNA record below marks every version up to "latest" at publication time as affected; do not treat 1.35.8 as the only vulnerable release without checking the project's own fix information.

CNA Affected

[
  {
    "vendor": "berriai",
    "product": "berriai/litellm",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]

