BerriAI LiteLLM
cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*
- < 1.83.0
A vulnerability in LiteLLM versions prior to 1.83.0 allows authenticated users to bypass admin role authorization on the /config/update endpoint. Exploiting this flaw can lead to unauthorized modification of proxy configurations and environment variables, registration of custom endpoint handlers that execute attacker-controlled Python code, remote code execution, unauthorized access to privileged accounts by overwriting specific environment variables, and unauthorized reading of server files through a crafted request.
Exploitation of this vulnerability could result in unauthorized privilege escalation, remote code execution, and unauthorized access to sensitive server files and accounts.
Users can upgrade to LiteLLM version 1.83.0 or later, where the vulnerability has been patched by requiring admin role authorization on the affected endpoint.
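The root cause described above is a privileged route that only checked whether the caller held a valid key, not whether the key carried the admin role. The following added example (not LiteLLM's code) models a deny-by-default, route-level authorization table as the hardened form beside the authenticated-only check; the role names, the second config route and the key identifiers are assumptions for illustration.

```python
"""Deny-by-default, route-level authorization model (hypothetical, not LiteLLM's own code).

A per-handler role check is easy to forget on one endpoint; mapping every
privileged route to a required role in a single table, and denying anything
unlisted, removes that failure mode.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

# Role names are assumptions for this example, not LiteLLM's actual role identifiers.
ADMIN = "admin"
USER = "user"

# Required role per (method, path). Any route not listed here is denied.
ROUTE_POLICY = {
    ("POST", "/config/update"): ADMIN,   # the endpoint named in the advisory
    ("GET", "/config/yaml"): ADMIN,      # assumed companion route, for illustration only
    ("POST", "/chat/completions"): USER,
}

# Simple role hierarchy: admin may do anything a user may.
ROLE_RANK = {USER: 1, ADMIN: 2}


@dataclass(frozen=True)
class Principal:
    key_id: str
    role: Optional[str]   # None models a key with no recognised role


def authorize(principal: Optional[Principal], method: str, path: str) -> Tuple[bool, str]:
    """Return (allowed, reason). Unauthenticated, unknown role or unlisted route -> deny."""
    if principal is None or principal.role not in ROLE_RANK:
        return False, "unauthenticated"
    required = ROUTE_POLICY.get((method.upper(), path))
    if required is None:
        return False, f"no policy for {method.upper()} {path}"
    if ROLE_RANK[principal.role] < ROLE_RANK[required]:
        return False, f"{path} requires {required}, key {principal.key_id} has {principal.role}"
    return True, "ok"


def authorize_authenticated_only(principal: Optional[Principal]) -> bool:
    """Weak form: accepts any caller with a valid key, regardless of role (the bug class in the advisory)."""
    return principal is not None and principal.role in ROLE_RANK


if __name__ == "__main__":
    low_priv = Principal("key-low", USER)   # constructed sample caller
    print(authorize_authenticated_only(low_priv))           # True: a config update would be accepted
    print(authorize(low_priv, "POST", "/config/update"))     # denied: requires admin
    print(authorize(Principal("key-admin", ADMIN), "POST", "/config/update"))  # (True, 'ok')
```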