CVE-2024-4888 — HIGH (CVSS 8.1) AI Security Vulnerability

BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability...

Full analysis pending. Showing NVD description excerpt.

Affected Systems

Package	Ecosystem	Vulnerable Range	Patched
litellm	pip	—	No patch

Do you use litellm? You're affected.

Severity & Risk

CVSS 3.1

8.1 / 10

EPSS

N/A

KEV Status

Not in KEV

Sophistication

N/A

Recommended Action

No patch available

Monitor for updates. Consider compensating controls or temporary mitigations.

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Technical Details

NVD Description

BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where `os.remove(file.filename)` is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.

Weaknesses (CWE)

CWE-862 CWE-862

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

References

huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c
Exploit 3rd Party
huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c
Exploit 3rd Party

Timeline

Published

June 6, 2024

Last Modified

November 21, 2024

First Seen

June 6, 2024