Impact
LiteLLM versions 1.81.16 through 1.83.7 contain a critical SQL injection vulnerability within the proxy's API key verification mechanism [S1]. Successful exploitation allows an unauthenticated attacker to bypass security controls or perform unauthorized database operations [S1]. This vulnerability is assigned a CVSS score of 9.8, reflecting its high impact on system confidentiality and integrity [S2].
Root Cause
The vulnerability exists because the LiteLLM proxy fails to properly sanitize or parameterize the API key provided in the Authorization header before using it in a database query [S1]. This allows malicious SQL commands embedded in the header to be executed by the backend database [S3].
Affected Versions
- LiteLLM: Versions 1.81.16 up to (but not including) 1.83.7 [S1].
Concrete Fixes
- Update LiteLLM: Immediately upgrade the
litellmpackage to version 1.83.7 or later to patch the injection flaw [S1]. - Audit Database Logs: Review database access logs for unusual query patterns or unexpected syntax originating from the proxy service [S1].
Detection Logic
Security teams can identify exposure by:
- Version Scanning: Checking environment manifests for LiteLLM versions within the affected range (1.81.16 to 1.83.6) [S1].
- Header Monitoring: Inspecting incoming requests to the LiteLLM proxy for SQL injection patterns specifically within the
Authorization: Bearertoken field [S1].