2 matches found
CVE-2025-45809
SQL Injection vulnerability in BerriAI LiteLLM before 1.81.0 allows attackers to execute arbitrary commands via the key parameter to the "/key/block" and "/key/unblock" API endpoints...
CVE-2025-45809
CVE-2025-45809 affects BerriAI litellm v1.65.4. The vulnerability is a SQL injection through the /key/block endpoint, enabling an attacker (proxy_admin_viewer) to brute-force files (PoC shows database read via pg_read_file and timing-based checks). The SNYK entry confirms the SQL injection and pr...