PT-2024-37119 · Google · Google Kms

Published: 2024-06-27 · Updated: 2024-09-20 · CVE-2024-5751

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: BerriAI/litellm version v1.35.8
Description: The vulnerability allows an unauthenticated remote attacker to achieve remote code execution. It exists in the add_deployment function, which base64-decodes and decrypts attacker-supplied environment variables and assigns them to os.environ. An attacker can exploit this by sending a malicious payload to the "/config/update" endpoint; the stored values are then processed and executed by the server when the get_secret function is triggered. Exploitation requires the server to use Google KMS and a database to store the model configuration.
Recommendations: For version v1.35.8, disable the add_deployment function and restrict access to the "/config/update" endpoint until a patched version is deployed. Additionally, review whether Google KMS and database-backed model storage are required for the deployment, since both are preconditions for exploitation.
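The hardening the recommendations call for, shown as an added example (this is not litellm's code and not the fix this advisory references): a config-update handler that authenticates the caller, allow-lists the environment-variable names it will accept, validates the base64 input, stages every entry before writing any of them, and treats the decrypted value as an opaque string so that a later secret lookup never interprets it. The request shape, the field name environment_variables, ALLOWED_ENV_KEYS, the stand-in decrypt function, and the sample request are assumptions constructed for this example.

```python
"""Hardened config-update handling, written as an example for this advisory.

Not litellm's code and not the advisory's fix. The KMS decrypt call is
replaced by a stand-in so the example runs offline; the request shape,
field names and allow-list are assumptions.
"""
import base64
import binascii
import hmac
import os
import re
from typing import Any, Dict, List, MutableMapping, Optional

# Assumed policy: only these variable names may be set through the endpoint.
ALLOWED_ENV_KEYS = frozenset({"OPENAI_API_KEY", "AZURE_API_KEY", "ANTHROPIC_API_KEY"})
ENV_KEY_RE = re.compile(r"^[A-Z][A-Z0-9_]{0,63}$")
MAX_ENCODED_LEN = 4096


class ConfigUpdateError(Exception):
    """Raised for any request that fails authentication or validation."""


def _decrypt_stand_in(ciphertext: bytes) -> str:
    """Stand-in for the KMS decrypt call (constructed for this example).

    A real deployment would hand `ciphertext` to the KMS client here. The
    point of the fix is downstream: whatever comes back is an opaque string
    and is never passed to eval(), exec(), a template engine or a shell.
    """
    try:
        return ciphertext.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise ConfigUpdateError("decrypted value is not valid UTF-8") from exc


def apply_config_update(body: Dict[str, Any], presented_key: Optional[str],
                        master_key: str,
                        target: Optional[MutableMapping[str, str]] = None) -> List[str]:
    """Validate a config-update request and export its variables.

    Returns the sorted names that were set. `target` stands in for
    os.environ so the example can be tested without touching the process
    environment; it defaults to os.environ.
    """
    # 1. The endpoint must never be reachable anonymously (advisory vector: PR:N).
    if not presented_key or not hmac.compare_digest(
            presented_key.encode("utf-8"), master_key.encode("utf-8")):
        raise ConfigUpdateError("unauthorized")

    env = body.get("environment_variables")
    if not isinstance(env, dict):
        raise ConfigUpdateError("environment_variables must be an object")
    if target is None:
        target = os.environ

    # 2. Validate every entry before writing anything, so one bad entry
    #    cannot leave the process environment half-updated.
    staged: Dict[str, str] = {}
    for name, encoded in env.items():
        if not isinstance(name, str) or not ENV_KEY_RE.match(name):
            raise ConfigUpdateError(f"malformed variable name: {name!r}")
        if name not in ALLOWED_ENV_KEYS:
            raise ConfigUpdateError(f"variable not allowed: {name}")
        if not isinstance(encoded, str) or len(encoded) > MAX_ENCODED_LEN:
            raise ConfigUpdateError(f"bad value for {name}")
        try:
            raw = base64.b64decode(encoded, validate=True)
        except (binascii.Error, ValueError) as exc:
            raise ConfigUpdateError(f"value for {name} is not valid base64") from exc
        staged[name] = _decrypt_stand_in(raw)

    for name, value in staged.items():
        target[name] = value
    return sorted(staged)


def check_update(body, presented_key, master_key, target) -> Optional[str]:
    """Run apply_config_update and return the rejection reason, or None."""
    try:
        apply_config_update(body, presented_key, master_key, target)
    except ConfigUpdateError as exc:
        return str(exc)
    return None


def lookup_secret(name: str, source: Optional[MutableMapping[str, str]] = None) -> Optional[str]:
    """Return a configured secret unchanged.

    A value such as "__import__('os').system('id')" stays a string; the
    lookup path never evaluates what it reads.
    """
    if source is None:
        source = os.environ
    return source.get(name)


if __name__ == "__main__":
    # Constructed sample request: "c2stdGVzdA==" is base64 for "sk-test".
    env: Dict[str, str] = {}
    good = {"environment_variables": {"OPENAI_API_KEY": "c2stdGVzdA=="}}
    print(check_update(good, "master", "master", env))   # None
    print(lookup_secret("OPENAI_API_KEY", env))          # sk-test
    print(check_update(good, None, "master", {}))        # unauthorized
    evil = {"environment_variables": {"UNLISTED_VAR": "c2stdGVzdA=="}}
    print(check_update(evil, "master", "master", {}))    # variable not allowed: UNLISTED_VAR
```

The two properties that matter for this advisory are the authentication check before any decoding happens and the allow-list on variable names; together they close the unauthenticated write into os.environ that the description relies on. Keeping lookup_secret a plain dictionary read is the third guard: even if a hostile value reaches the environment, nothing on the read path executes it.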

Fix

Weakness Enumeration

Code Injection

Related Identifiers

CVE-2024-5751
GHSA-GPPG-GQW8-WH9G

Affected Products

Google Kms