CVE-2024-6825

Description

BerriAI/litellm version 1.40.12 contains a vulnerability that allows remote code execution. The issue exists in the handling of the 'post_call_rules' configuration, where a callback function can be added. The provided value is split at the final '.' mark, with the last part considered the function name and the remaining part appended with the '.py' extension and imported. This allows an attacker to set a system method, such as 'os.system', as a callback, enabling the execution of arbitrary commands when a chat response is processed.

How to fix CVE-2024-6825

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• —no fix listed

Is CVE-2024-6825 being exploited?

Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• >= 1.40.3.dev2, <= 1.40.12

CVSS scores

References (5)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2024-6825
• PATCHgithub.com/BerriAI/litellm
• WEBgithub.com/BerriAI/litellm/blob/056913fd7049923a106130b02d7c29e7f312beec/litellm/utils.py#L2818
• WEBgithub.com/berriai/litellm/commit/441c7275ed2715f47650a7c2e525055c804073a9