Description

LiteLLM is a proxy server (AI Gateway) for calling LLM APIs in OpenAI (or native) format. Prior to version 1.83.0, the /config/update endpoint does not enforce admin role authorization. Any user who is already authenticated to the platform can therefore use this endpoint to modify proxy configuration and environment variables. This allows the user to register custom pass-through endpoint handlers that point to attacker-controlled Python code (remote code execution), to read arbitrary server files by setting UI_LOGO_PATH and fetching the file via /get_image, and to take over other privileged accounts by overwriting the UI_USERNAME and UI_PASSWORD environment variables. Fixed in v1.83.0.

INFO

Published Date: 2026-04-06T16:35:28.974Z
Last Modified: 2026-04-06T18:41:19.672Z
Source: GitHub_M

AFFECTED PRODUCTS

The following products are affected by CVE-2026-35029.

Vendor: Berriai
Product: Litellm
