CVE-2026-47101

LiteLLM · LiteLLM

LiteLLM contains a privilege escalation vulnerability allowing authenticated users to generate unauthorized API keys, granting them full proxy administrative access.

Executive summary

A high-severity privilege escalation vulnerability in LiteLLM allows authenticated internal users to gain unauthorized administrative control over the proxy.

Vulnerability

The application fails to properly validate permissions when generating API keys, allowing an authenticated internal user to assign a newly generated key access to restricted (administrative) routes. This flaw permits an attacker to escalate privileges from a standard user to a proxy administrator.

Business impact

The vulnerability carries a CVSS score of 8.8, indicating a high risk of unauthorized administrative takeover. Successful exploitation allows an attacker to manipulate AI routing, access sensitive API configurations, and potentially intercept or modify downstream requests, leading to severe data compromise and loss of system integrity.

Remediation

Immediate Action: Upgrade to LiteLLM version v1.83.14-stable or later to apply the necessary permission checks.

Proactive Monitoring: Monitor audit logs for unusual API key generation events or access to administrative routes by non-privileged accounts.

Compensating Controls: Implement strict network segmentation and restrict access to the LiteLLM administrative interface to trusted management networks only.
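As an added illustration (not LiteLLM's own code or log schema), the following shows the two defensive controls the advisory describes: the server-side check that key generation should apply so a non-admin caller cannot grant a key access to restricted routes, and a detector that runs over audit records to flag non-privileged accounts generating such keys or touching administrative routes. The route prefixes, role names, field names and the sample log lines are all constructed assumptions.

```python
import json

# Assumed set of proxy-admin-only route prefixes (constructed for this example;
# the real restricted set depends on the deployment).
RESTRICTED_ROUTE_PREFIXES = ("/key/", "/user/", "/team/", "/config/")
ADMIN_ROLE = "proxy_admin"  # assumed role name, not LiteLLM's literal value


def is_restricted(route: str) -> bool:
    return route.startswith(RESTRICTED_ROUTE_PREFIXES)


def validate_key_request(actor_role: str, requested_routes: list[str]) -> list[str]:
    """The permission check a key-generation endpoint should enforce:
    only an admin may mint a key that can reach restricted routes.
    Returns the routes the key may be granted, or raises for non-admins."""
    if actor_role == ADMIN_ROLE:
        return requested_routes
    bad = [r for r in requested_routes if is_restricted(r)]
    if bad:
        raise PermissionError(f"role {actor_role!r} may not grant routes {bad}")
    return requested_routes


# Constructed sample audit records (JSON lines), not a real LiteLLM audit log.
SAMPLE_AUDIT_LOG = """\
{"event": "key_generate", "actor": "alice", "actor_role": "internal_user", "allowed_routes": ["/chat/completions"]}
{"event": "key_generate", "actor": "bob", "actor_role": "internal_user", "allowed_routes": ["/key/generate", "/user/new"]}
{"event": "key_generate", "actor": "admin1", "actor_role": "proxy_admin", "allowed_routes": ["/key/generate"]}
{"event": "route_access", "actor": "bob", "actor_role": "internal_user", "route": "/config/update"}
{"event": "route_access", "actor": "carol", "actor_role": "internal_user", "route": "/chat/completions"}
"""


def find_suspicious_events(log_text: str) -> list[dict]:
    """Flag non-admin key generation that grants restricted routes, and
    non-admin access to restricted routes; admin activity is ignored."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec.get("actor_role") == ADMIN_ROLE:
            continue
        if rec.get("event") == "key_generate":
            bad = [r for r in rec.get("allowed_routes", []) if is_restricted(r)]
            if bad:
                findings.append({"actor": rec["actor"], "reason": "key granted restricted routes", "routes": bad})
        elif rec.get("event") == "route_access" and is_restricted(rec.get("route", "")):
            findings.append({"actor": rec["actor"], "reason": "restricted route access", "routes": [rec["route"]]})
    return findings
```

Running `find_suspicious_events(SAMPLE_AUDIT_LOG)` on the constructed log flags both of bob's events and nothing else.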

Exploitation status

Public Exploit Available: True

Analyst recommendation

The presence of public exploit code significantly increases the risk of active exploitation. Organizations utilizing LiteLLM must prioritize upgrading to version v1.83.14-stable immediately to close this privilege escalation vector and prevent unauthorized administrative access to their proxy infrastructure.