7.2

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-4264

CVE-2024-4264: litellm passes untrusted data to `eval` function without sanitization

A remote code execution (RCE) vulnerability exists in the berriai/litellm project due to improper control of the generation of code when using the eval function unsafely in the litellm.get_secret() method. Specifically, when the server utilizes Google KMS, untrusted data is passed to the eval function without any sanitization. Attackers can exploit this vulnerability by injecting malicious values into environment variables through the /config/update endpoint, which allows for the update of settings in proxy_server_config.yaml.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-4264

CVE-2024-4264:

7.2

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
litellm	pip	<= 1.28.11

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability specifically cites improper use of eval() in litellm.get_secret() when handling Google KMS secrets. The linked utils.py code (lines 9867-9885) contains the secret handling logic. Since environment variables controlled via the /config/update endpoint are passed directly to eval() without validation, this function is the clear injection point. The other referenced proxy_server.py endpoints handle the config updates but the actual vulnerable code path is in the eval() usage within get_secret().

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.2

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-4264: litellm passes untrusted data to `eval` function without sanitization

CVE-2024-4264:

7.2

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

CVE-2024-4264: litellm passes untrusted data to `eval` function without sanitization

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

7.2

7.2

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI