Medium Severity

litellm

Arbitrary File Deletion Vulnerability in Audio Transcription Endpoint

A vulnerability in the berriai/litellm software allows any user to delete arbitrary files on the server through the `/audio/transcriptions` endpoint. This issue affects the latest version of the software. There is no fixed version mentioned, indicating that the vulnerability may still be present.

Available publicly on Jun 03 2024

CVSS base score: 6.5

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Threat Overview

The vulnerability stems from improper input validation in the /audio/transcriptions endpoint, where the server directly uses the filename provided by the user to delete files without verifying the legitimacy or scope of the file path. This allows an attacker to specify any file path on the server, leading to the deletion of critical files such as SSH keys, SQLite databases, or configuration files, potentially causing denial of service or further compromise.
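As an added illustration that is not litellm's own code, the constructed Python handler below shows the pattern the advisory describes (a user-controlled filename joined onto a server directory and handed to a delete) beside a hardened version that strips directory components, resolves symlinks, and refuses to touch anything outside the server's own scratch directory. SCRATCH_DIR, cleanup_vulnerable and cleanup_hardened are hypothetical names, and the scratch directory is created on the fly so the example runs stand-alone.

```python
import os
import tempfile
from pathlib import Path

# Constructed scratch directory where a transcription handler would store an
# uploaded audio file before processing and deleting it. Not a litellm path.
SCRATCH_DIR = Path(tempfile.mkdtemp(prefix="transcribe-"))


def cleanup_vulnerable(user_supplied_name: str) -> str:
    """'Before' form: the user's filename is joined onto the scratch directory
    and the result is deleted as-is. os.path.join discards the base when the
    argument is absolute, and '../' components walk out of the directory.
    The resolved path is returned instead of removed so it can be inspected."""
    target = os.path.join(str(SCRATCH_DIR), user_supplied_name)
    # os.remove(target) would run here in the vulnerable handler
    return os.path.normpath(target)


def safe_scratch_path(user_supplied_name: str) -> Path:
    """Hardened form: keep only the final path component, reject empty or
    special names, and verify the resolved path lives directly in SCRATCH_DIR."""
    name = os.path.basename(user_supplied_name)  # drop any directory part
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError("invalid filename")
    candidate = (SCRATCH_DIR / name).resolve()
    # resolve() follows symlinks, so a link planted in the scratch directory
    # cannot redirect the delete to a file elsewhere on the filesystem.
    if candidate.parent != SCRATCH_DIR.resolve():
        raise ValueError("path escapes scratch directory")
    return candidate


def cleanup_hardened(user_supplied_name: str) -> bool:
    """Delete only a regular file that sits directly inside SCRATCH_DIR.
    Returns True if a file was removed and False if the request was refused
    or nothing matched; never raises on attacker-shaped input."""
    try:
        target = safe_scratch_path(user_supplied_name)
    except ValueError:
        return False
    if not target.is_file():
        return False
    target.unlink()
    return True
```

The stronger fix is for the server to generate the scratch filename itself and never derive the delete target from the upload's name at all; the validation above is the minimum a handler needs when it must accept one.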

Attack Scenario

An attacker can exploit this vulnerability by crafting a malicious request to the /audio/transcriptions endpoint, including a file with a path to a critical file on the server. By doing so, the attacker can cause the server to delete the specified file, leading to potential service disruption or further vulnerabilities.

Who is affected

Any system running the latest version of berriai/litellm with the vulnerable /audio/transcriptions endpoint exposed is at risk. This includes servers hosting the software that process transcription requests from untrusted sources.
