7 matches found
Incorrect Authorization
Overview: litellm is a library to easily interface with LLM API providers. Affected versions of this package are vulnerable to Incorrect Authorization via the /user/update endpoint. An attacker can gain full administrative access by modifying their own user_role field to proxy_admin to escalate...
LiteLLM: Authenticated command execution via MCP stdio test endpoints
Impact: Two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio...
EUVD-2023-36522
Malicious code in bioql PyPI...
CVE-2023-32268
Exposure of Proxy Administrator Credentials: An authenticated administrator-equivalent Filr user can access the credentials of proxy administrators...
CVE-2023-32268
Exposure of Proxy Administrator Credentials: An authenticated administrator-equivalent Filr user can access the credentials of proxy administrators...
CVE-2023-32268
Exposure of Proxy Administrator Credentials: An authenticated administrator-equivalent Filr user can access the credentials of proxy administrators...
Default credentials
Exposure of Proxy Administrator Credentials: An authenticated administrator-equivalent Filr user can access the credentials of proxy administrators...