CVE-2024-5751 Information

Description

BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the add_deployment function which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sending a malicious payload to the /config/update endpoint which is then processed and executed by the server when the get_secret function is triggered. This requires the server to use Google KMS and a database to store a model.

Reference

https://huntr.com/bounties/ae623c2f-b64b-4245-9ed4-f13a0a5824ce