AVID-2026-R1579

Description

Remote Code Execution in BerriAI/litellm (CVE-2024-5751)

Details

BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the add_deployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sending a malicious payload to the /config/update endpoint, which is then processed and executed by the server when the get_secret function is triggered. This requires the server to use Google KMS and a database to store a model.

Reason for inclusion in AVID: CVE-2024-5751 describes a remote code execution vulnerability in BerriAI/litellm, an AI deployment/serving component. The flaw arises during deployment configuration processing, enabling an attacker to execute code on the server, which directly impacts the AI software stack used to build/run general-purpose AI systems. This is a software supply-chain issue affecting AI model deployment infrastructure, not hardware/firmware-only. The report provides explicit vulnerability behavior (RCE) and affected components, enabling AVID curation decisions.

References

• NVD entry
• https://huntr.com/bounties/ae623c2f-b64b-4245-9ed4-f13a0a5824ce

Affected or Relevant Artifacts

• Developer: berriai
• Deployer: berriai
• Artifact Details:

Impact

AVID Taxonomy Categorization

• Risk domains: Security
• SEP subcategories: S0100: Software Vulnerability
• Lifecycle stages: L06: Deployment

CVSS

CWE

Other information

• Report Type: Advisory
• Credits:
• Date Reported: 2024-06-27
• Version: 0.3.3
• AVID Entry