CVE-2025-0628 (GCVE-0-2025-0628)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:10 – Updated: 2025-10-15 12:50
VLAI?
Summary
An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as '/users/list' and '/users/get_users'. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.
Severity ?
8.1 (High)
CWE
- CWE-266 - Incorrect Privilege Assignment
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| berriai | berriai/litellm |
Affected:
unspecified , < v1.61.15-nightly
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0628",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:49:22.754243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:17:09.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "berriai/litellm",
"vendor": "berriai",
"versions": [
{
"lessThan": "v1.61.15-nightly",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role \u0027internal_user_viewer\u0027 logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as \u0027/users/list\u0027 and \u0027/users/get_users\u0027. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266 Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T12:50:05.101Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc"
},
{
"url": "https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b"
}
],
"source": {
"advisory": "6c0e2f75-2d03-42f9-9530-e16a973317fc",
"discovery": "EXTERNAL"
},
"title": "Improper Authorization in BerriAI/litellm"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2025-0628",
"datePublished": "2025-03-20T10:10:45.400Z",
"dateReserved": "2025-01-21T19:10:36.300Z",
"dateUpdated": "2025-10-15T12:50:05.101Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0628\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2025-03-20T10:15:53.407\",\"lastModified\":\"2025-10-15T13:16:00.713\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role \u0027internal_user_viewer\u0027 logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as \u0027/users/list\u0027 and \u0027/users/get_users\u0027. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de autorizaci\u00f3n indebida en la \u00faltima versi\u00f3n principal de BerriAI/litellm. Cuando un usuario con el rol \\\"internal_user_viewer\\\" inicia sesi\u00f3n en la aplicaci\u00f3n, se le proporciona una clave API con privilegios excesivos. Esta clave permite acceder a todas las funciones de administraci\u00f3n de la aplicaci\u00f3n, incluyendo endpoints como \\\"/users/list\\\" y \\\"/users/get_users\\\". Esta vulnerabilidad permite la escalada de privilegios dentro de la aplicaci\u00f3n, lo que permite que cualquier cuenta se convierta en administrador proxy.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-266\"}]}],\"references\":[{\"url\":\"https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc\",\"source\":\"security@huntr.dev\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0628\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-20T17:49:22.754243Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-20T17:49:24.269Z\"}}], \"cna\": {\"title\": \"Improper Authorization in BerriAI/litellm\", \"source\": {\"advisory\": \"6c0e2f75-2d03-42f9-9530-e16a973317fc\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"berriai\", \"product\": \"berriai/litellm\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"v1.61.15-nightly\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://huntr.com/bounties/6c0e2f75-2d03-42f9-9530-e16a973317fc\"}, {\"url\": \"https://github.com/berriai/litellm/commit/566d9354aab4215091b2e51ad0333e948125fa1b\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role \u0027internal_user_viewer\u0027 logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as \u0027/users/list\u0027 and \u0027/users/get_users\u0027. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-266\", \"description\": \"CWE-266 Incorrect Privilege Assignment\"}]}], \"providerMetadata\": {\"orgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"shortName\": \"@huntr_ai\", \"dateUpdated\": \"2025-10-15T12:50:05.101Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0628\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-15T12:50:05.101Z\", \"dateReserved\": \"2025-01-21T19:10:36.300Z\", \"assignerOrgId\": \"c09c270a-b464-47c1-9133-acb35b22c19a\", \"datePublished\": \"2025-03-20T10:10:45.400Z\", \"assignerShortName\": \"@huntr_ai\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…