Vulnerability Description
BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of the 'post_call_rules' configuration, where a callback function can be added. The provided value is split at the final '.' mark, with the last part considered the function name and the remaining part appended with the '.py' extension and imported. This allows an attacker to set a system method, such as 'os.system', as a callback, enabling the execution of arbitrary commands when a chat response is processed.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Litellm | Litellm | < 1.65.4 |
Related Weaknesses (CWE)
References
- https://github.com/berriai/litellm/commit/441c7275ed2715f47650a7c2e525055c804073
- https://huntr.com/bounties/1d98bebb-6cf4-46c9-87c3-d3b1972973b5ExploitThird Party Advisory
FAQ
What is CVE-2024-6825?
CVE-2024-6825 is a vulnerability with a CVSS score of 8.8 (HIGH). BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of the 'post_call_rules' configuration, where a callback function can be ad...
How severe is CVE-2024-6825?
CVE-2024-6825 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-6825?
Check the references section above for vendor advisories and patch information. Affected products include: Litellm Litellm.