216.73.217.22

CVE-2026-35029

· Published 06/04/2026 17:17 · Modified 07/04/2026 20:21

Labels: CVE-2026-35029 2026-04-06CVE-2026-35029CWE-863[email protected]

Essential information

Published
06/04/2026 17:17
Modified
07/04/2026 20:21
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment variables, register custom pass-through endpoint handlers pointing to attacker-controlled Python code, achieving remote code execution, read arbitrary server files by setting UI_LOGO_PATH and fetching via /get_image, and take over other privileged accounts by overwriting UI_USERNAME and UI_PASSWORD environment variables. Fixed in v1.83.0.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
litellm / litellm cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*

References