CVE-2024-4888: Arbitrary file deletion in litellm

June 6, 2024 (updated November 4, 2024)

BerriAI’s litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the /audio/transcriptions endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where os.remove(file.filename) is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.

References

github.com/BerriAI/litellm
github.com/BerriAI/litellm/pull/3193
github.com/advisories/GHSA-3xr8-qfvj-9p9j
huntr.com/bounties/48461d89-cf13-4ad3-a43e-0d37da08fc6c
nvd.nist.gov/vuln/detail/CVE-2024-4888

Detect and mitigate CVE-2024-4888 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →