CVE-2026-35029 Scanner
CVE-2026-35029 Scanner - Arbitrary File Read vulnerability in LiteLLM
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 15 days 15 hours
Scan only one: Domain, Subdomain, IPv4
LiteLLM is a widely used software in the development and deployment of AI and machine learning models. It is utilized by companies that require scalable machine learning systems and is often used on cloud platforms due to its efficiency in handling large datasets. Developers and data scientists use LiteLLM to streamline model training processes and optimize machine learning workflows. The software supports various integration methods, making it versatile in different environments. Its user-friendly interface and robust API support contribute to its popularity among professionals in AI research and development. LiteLLM continues to evolve, supporting the latest AI technologies and methodologies.
The vulnerability detected in LiteLLM versions below 1.83.0 allows arbitrary file reading due to broken access control on the /config/update endpoint. The flaw arises from inadequate enforcement of admin role permissions, which lets authenticated users call the endpoint, read sensitive files, and potentially modify configurations. Such vulnerabilities are critical because they can expose confidential information, including system passwords and personal data. Assessing the impact means considering every system component the LiteLLM deployment is integrated with. Weak access controls like this are common targets for attackers seeking to escalate privileges or reach sensitive data.
Technical analysis shows that the /config/update endpoint lacks proper admin role enforcement. Authenticated users can exploit this by setting the FILE_TO_READ parameter to a target file and extracting its contents remotely with crafted requests. The crafted payloads alter environment variables, which changes how the software interacts with system files. Attackers can base64-encode the file paths they target, masking their actions and making detection harder unless proactive monitoring is in place. This vulnerability underscores the importance of stringent role-based access controls in application security.
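A defender-side check that matches the behaviour described above, added here as an example (it is not code from this page, from LiteLLM, or from the scanner vendor): it scans JSON access-log lines for calls to /config/update made by non-admin roles or carrying a FILE_TO_READ value, and base64-decodes that value so the targeted path appears in the finding instead of an opaque string. The log schema, the field names, the role names proxy_admin and internal_user, and the sample records are all assumptions; adapt them to what your proxy actually logs.

```python
import base64
import json
from typing import Any, Dict, Iterator, List, Optional, Tuple

# Assumed role names; LiteLLM's proxy distinguishes an admin role from
# ordinary internal users, but check what your deployment's logs record.
ADMIN_ROLES = {"proxy_admin"}
SENSITIVE_PATH = "/config/update"
# Parameter the page names as the file-read channel.
SUSPICIOUS_KEYS = {"FILE_TO_READ"}


def _record(ts: str, user: str, role: str, path: str, body: Dict[str, Any]) -> str:
    """Serialise one constructed access-log record as a JSON line."""
    return json.dumps({"ts": ts, "user": user, "role": role,
                       "method": "POST", "path": path, "body": body})


# Constructed sample log lines (hypothetical schema, not LiteLLM's real log format).
SAMPLE_LOG_LINES = [
    _record("2026-03-01T10:00:01Z", "ops-admin", "proxy_admin", SENSITIVE_PATH,
            {"litellm_settings": {"drop_params": True}}),
    _record("2026-03-01T10:00:05Z", "dev-7", "internal_user", SENSITIVE_PATH,
            {"environment_variables": {
                "FILE_TO_READ": base64.b64encode(b"/srv/litellm/secrets.yaml").decode()}}),
    _record("2026-03-01T10:00:09Z", "dev-7", "internal_user", "/chat/completions",
            {"model": "gpt-4o"}),
    _record("2026-03-01T10:00:12Z", "dev-9", "internal_user", SENSITIVE_PATH,
            {"environment_variables": {"OPENAI_API_BASE": "https://example.invalid"}}),
]


def walk(obj: Any, prefix: str = "") -> Iterator[Tuple[str, Any]]:
    """Yield (dotted_key, leaf_value) for every leaf of a nested JSON body."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield from walk(value, f"{prefix}.{key}" if prefix else key)
    elif isinstance(obj, list):
        for idx, value in enumerate(obj):
            yield from walk(value, f"{prefix}[{idx}]")
    else:
        yield prefix, obj


def try_b64_decode(value: Any) -> Optional[str]:
    """Return decoded text if value is strict base64 of printable UTF-8, else None."""
    if not isinstance(value, str) or not value or len(value) % 4:
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text and text.isprintable() else None


def analyze_line(line: str) -> Optional[Dict[str, Any]]:
    """Return a finding for one log line, or None if nothing is suspicious."""
    rec = json.loads(line)
    if rec.get("path") != SENSITIVE_PATH:
        return None
    reasons: List[str] = []
    if rec.get("role") not in ADMIN_ROLES:
        reasons.append(f"role {rec.get('role')!r} reached {SENSITIVE_PATH} (expected admin only)")
    for key, value in walk(rec.get("body") or {}):
        if key.rsplit(".", 1)[-1] in SUSPICIOUS_KEYS:
            decoded = try_b64_decode(value)
            shown = f"{value!r} (base64 -> {decoded!r})" if decoded else repr(value)
            reasons.append(f"sets {key} = {shown}")
    if not reasons:
        return None
    return {"ts": rec.get("ts"), "user": rec.get("user"), "reasons": reasons}


def scan(lines: List[str]) -> List[Dict[str, Any]]:
    """Run analyze_line over every line and keep only the findings."""
    return [f for f in (analyze_line(line) for line in lines) if f is not None]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG_LINES):
        print(finding["ts"], finding["user"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

On the constructed input the admin's legitimate config change and the unrelated chat request produce nothing, while the two non-admin calls to /config/update are reported, the first with the decoded path spelled out. Flagging every non-admin call to the endpoint, not just those carrying FILE_TO_READ, is deliberate: on a patched proxy those calls should never succeed, so their presence in successful-request logs is itself the signal that access control is not being enforced.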
If exploited, this vulnerability allows malicious users to gain unauthorized access to protected file contents, leading to potential information disclosure. This could further escalate into full system compromise if sensitive configuration files or credentials are extracted and misused. The ability to read arbitrary files could be leveraged to uncover system architecture details, personal user data, or other security measures in place. Such information could facilitate more severe exploits, compounding the damaging effects of the initial breach. Companies using vulnerable LiteLLM versions may face data breaches, legal issues, and damage to their reputation.