CVE-2026-49468

BerriAI · LiteLLM

A critical vulnerability in the LiteLLM proxy server, affecting versions prior to 1.84.0, exposes the AI gateway to unauthorized access or exploitation by whoever can reach it.

Executive summary

A critical vulnerability in BerriAI LiteLLM prior to version 1.84.0 creates an urgent security risk for organizations using this AI gateway proxy.

Vulnerability

No public technical details are available at the time of writing, so the exact weakness and its preconditions are not confirmed. Because LiteLLM sits in front of the provider APIs and holds their credentials, a critical-severity flaw in this kind of component commonly turns out to be an authentication bypass or a remote code execution path, either of which would give an unauthenticated attacker use of the proxy's backend LLM API access. Treat that as the worst-case planning assumption, not as a confirmed root cause.

Business impact

As a gateway server, LiteLLM is a central point of control for AI calls: it sees every prompt and response and holds the API keys for every connected provider. Compromise of this component could allow an attacker to intercept, manipulate, or exfiltrate sensitive data sent to LLM providers, or to consume provider quota under the organization's credentials. With a CVSS score of 9.5, the risk of full compromise of the gateway and unauthorized data access is extreme and demands an immediate response.

Remediation

Immediate Action: Update BerriAI LiteLLM to version 1.84.0 or later across all environments, including staging and developer deployments that hold real provider keys.

Proactive Monitoring: Examine proxy and server logs for unauthorized configuration changes, requests from client addresses that should not reach the proxy, and unexpected outbound requests directed at hosts other than the configured LLM providers.

Compensating Controls: Until the update is deployed, restrict ingress to the LiteLLM proxy (with a WAF, reverse proxy, or network ACL) to known, trusted IP ranges. An IP allowlist reduces exposure but does not remove the flaw; it is a stopgap, not a substitute for patching.
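The three remediation steps above, as one added triage script that is not part of the advisory or of the LiteLLM project: it checks the installed package against the fixed release named on the page (1.84.0), then runs the monitoring and allowlist logic over proxy log lines. The log line format, the trusted client networks, the set of expected provider hosts, and the sample log lines are all constructed assumptions; the only fact taken from the page is the fixed version number.

```python
"""Triage helpers for a LiteLLM deployment during this advisory.

Added example, not code from the advisory or from LiteLLM itself. FIXED_VERSION
comes from the advisory; everything else (log format, networks, provider hosts,
sample log) is a constructed assumption for illustration.
"""
from __future__ import annotations

import ipaddress
import re
from importlib import metadata
from urllib.parse import urlsplit

FIXED_VERSION = "1.84.0"  # from the advisory: first non-vulnerable release

# Assumed ingress allowlist: CIDRs a WAF/ACL in front of the proxy would permit.
TRUSTED_CLIENT_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/16", "192.168.1.0/24")]
# Assumed set of provider hosts this deployment is configured to call.
EXPECTED_PROVIDER_HOSTS = {"api.openai.com", "api.anthropic.com"}

# Assumed (constructed) proxy log format: one line per proxied request.
LOG_RE = re.compile(r"client=(?P<client>\S+) .*upstream=(?P<upstream>\S+)")

# Constructed sample log: first line is benign, the rest should be flagged.
SAMPLE_LOG = [
    "2026-03-01T10:00:00Z client=10.20.5.7 method=POST path=/v1/chat/completions upstream=https://api.openai.com/v1/chat/completions",
    "2026-03-01T10:00:05Z client=203.0.113.9 method=POST path=/v1/chat/completions upstream=https://api.openai.com/v1/chat/completions",
    "2026-03-01T10:00:09Z client=10.20.5.7 method=POST path=/v1/chat/completions upstream=https://collector.example.net/ingest",
    "2026-03-01T10:00:12Z client=198.51.100.4 method=GET path=/health upstream=https://attacker.example/x",
]


def parse_version(v: str) -> tuple[int, int, int]:
    """Turn '1.83.5' or '1.84.0rc1' into a 3-tuple of leading integers.

    Pre-release suffixes are ignored, so '1.84.0rc1' compares equal to 1.84.0;
    review release candidates by hand rather than trusting this comparison.
    """
    parts: list[int] = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    while len(parts) < 3:
        parts.append(0)
    return (parts[0], parts[1], parts[2])


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version predates the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def installed_version() -> str | None:
    """Version of the litellm package in this interpreter, or None if absent."""
    try:
        return metadata.version("litellm")
    except metadata.PackageNotFoundError:
        return None


def triage_log(lines, trusted_nets=TRUSTED_CLIENT_NETS, expected_hosts=EXPECTED_PROVIDER_HOSTS):
    """Flag requests from outside the ingress allowlist or to unexpected upstreams."""
    findings = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue  # not a request line in the assumed format
        reasons = []
        try:
            client = ipaddress.ip_address(m["client"])
            if not any(client in net for net in trusted_nets):
                reasons.append("client outside trusted ingress ranges")
        except ValueError:
            reasons.append("unparseable client address")
        host = urlsplit(m["upstream"]).hostname
        if host not in expected_hosts:
            reasons.append(f"unexpected upstream host {host}")
        if reasons:
            findings.append({"line": line, "reasons": reasons})
    return findings


if __name__ == "__main__":
    v = installed_version()
    if v is None:
        print("litellm is not installed in this interpreter")
    else:
        print(f"litellm {v}: {'VULNERABLE, update to ' + FIXED_VERSION if is_vulnerable(v) else 'patched'}")
    for f in triage_log(SAMPLE_LOG):
        print("FLAG:", "; ".join(f["reasons"]), "|", f["line"])
```

Run it inside the same virtual environment or container that serves the proxy, since it inspects the interpreter's own litellm package; point triage_log at your real access logs only after adjusting LOG_RE, TRUSTED_CLIENT_NETS and EXPECTED_PROVIDER_HOSTS to match the deployment.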

Exploitation status

Public Exploit Available: No

Analyst recommendation

Given the central role of LiteLLM in AI workflows, this vulnerability must be treated as a high-priority incident. Administrators should verify the version actually running in every deployment, deploy the 1.84.0 update immediately, and, because the root cause is unconfirmed, consider rotating the provider API keys the proxy held while it was exposed.