CVE-2025-0628
Published 2025-03-20
Priority: P3 · 50 · high · CVSS 3.0 base score 8.1
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS: 0.32% (percentile 23.2)
An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin functionality of the application, including endpoints such as '/users/list' and '/users/get_users'. This vulnerability allows for privilege escalation within the application, enabling any account to become a PROXY ADMIN.
Affected (11 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform-26 | lightspeed-chatbot-rhel9 | — | — |
| ansible-automation-platform-27 | lightspeed-chatbot-rhel9 | — | — |
| berriai | litellm | — | — |
| berriai | litellm | — | — |
| berriai | litellm | — | — |
| exploit-intelligence-tech-preview | vulnerability-analysis-rhel9 | — | — |
| litellm | litellm | <= 1.82.2 | — |
| litellm | litellm | >= 0 < 1.61.15 | 1.61.15 |
| rhoai | odh-llama-stack-core-rhel9 | — | — |
| rhoai | odh-mlflow-rhel9 | — | — |
| rhoai | odh-trustyai-garak-lls-provider-dsp-rhel9 | — | — |
CVSS provenance
NVD: v3.0, 8.1 HIGH, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Red Hat (vendor): 8.1 HIGH
GHSA
CVE-2026-12799 [HIGH] CWE-266: A security vulnerability has been detected in BerriAI litellm up to 1.82.2.
ghsa_unreviewed · 2026-06-21 · CVSS 8.1
A security vulnerability has been detected in BerriAI litellm up to 1.82.2. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.
VulDB
CVE-2026-12799 [HIGH]: BerriAI litellm up to 1.82.2 Incomplete Fix CVE-2025-0628 internal_user_endpoints.py ui_view_users improper authorization
vuldb · 2026-06-20 · CVSS 8.1
A vulnerability was found in BerriAI litellm up to 1.82.2. It has been declared as problematic. Affected by this issue is the function ui_view_users of the file litellm/proxy/management_endpoints/internal_user_endpoints.py of the component Incomplete Fix CVE-2025-0628. Such manipulation leads to improper authorization.
This vulnerability is referenced as CVE-2026-12799. It is possible to launch the attack remotely. Furthermore, an exploit is available.
The vendor was contacted early about this disclosure.
GHSA
CVE-2025-0628 [HIGH] CWE-266: LiteLLM Has an Improper Authorization Vulnerability
ghsa · 2025-03-20
OSV
CVE-2025-0628 [HIGH]: LiteLLM Has an Improper Authorization Vulnerability
osv · 2025-03-20
Red Hat
CVE-2026-12799 [HIGH] CWE-639: litellm: BerriAI litellm: Information Disclosure via improper authorization in ui_view_users function
vendor_redhat · 2026-06-21 · CVSS 8.1
A flaw was found in BerriAI litellm. A remote attacker could exploit an improper authorization vulnerability in the `ui_view_users` function to gain access to sensitive information. This issue is related to an incomplete fix for a previou
No detection rules found.
No public exploits indexed.