Skip to content

Add cve-2026-42208 detection module (SQLi in LiteLLM)#1557

Open
Franc-Zar wants to merge 2 commits into
OWASP:masterfrom
Franc-Zar:cve-2026-42208
Open

Add cve-2026-42208 detection module (SQLi in LiteLLM)#1557
Franc-Zar wants to merge 2 commits into
OWASP:masterfrom
Franc-Zar:cve-2026-42208

Conversation

@Franc-Zar

@Franc-Zar Franc-Zar commented May 24, 2026

Copy link
Copy Markdown

Proposed change

This PR adds a new detection module for CVE-2026-42208: pre-authentication SQL injection in LiteLLM Proxy.
The module has been thoroughly tested against several official litellm/litellm-database (Docker Hub) and ghcr.io/berriai/litellm-database images:

  • 28 vulnerable versions (1.81.16-nightly → v1.83.6-nightly): all detected as expected
  • 16 patched versions (1.83.7 → v1.83.14): none detected as expected
  • 34 pre-vulnerable versions (v1.80.15 → v1.81.15-nightly): none detected as expected

Note: the SQLi payload targets PostgreSQL exclusively, as LiteLLM documentation states PostgreSQL is the only supported database for production deployments.

Closes #1548

nettacker_litellm

Type of change

  • New core framework functionality
  • Bugfix (non-breaking change that fixes an issue)
  • Code refactoring without any functionality changes
  • New or existing module/payload change
  • Documentation/localization improvement
  • Test coverage improvement
  • Dependency upgrade
  • Other improvement (best practice, cleanup, optimization, etc)

Checklist

  • I've followed the contributing guidelines
  • I've digitally signed all my commits in this PR
  • I've run make pre-commit and confirm it didn't generate any warnings/changes
  • I've run make test and I confirm all tests passed locally
  • I've added/updated any relevant documentation in the docs/ folder
  • I've linked this PR with an open issue
  • I've tested and verified that my code works as intended and resolves the issue as described
  • I've attached screenshots demonstrating that my code works as intended (if applicable)
  • I've checked all other open PRs to avoid submitting duplicate work
  • I confirm that the code and comments in this PR are not direct unreviewed outputs of AI
  • I confirm that I am the Sole Responsible Author for every line of code, comment, and design decision

@coderabbitai

coderabbitai Bot commented May 24, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 8bb3b513-c73e-4e16-b884-0ca0483b700f

📥 Commits

Reviewing files that changed from the base of the PR and between 93e841b and 242139d.

📒 Files selected for processing (2)
  • docs/Modules.md
  • nettacker/modules/vuln/litellm_cve_2026_42208.yaml
✅ Files skipped from review due to trivial changes (1)
  • docs/Modules.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • nettacker/modules/vuln/litellm_cve_2026_42208.yaml

Summary by CodeRabbit

  • New Features

    • Added a new LiteLLM-based pre-auth SQL injection vulnerability check for CVE-2026-42208 with high severity (9.8), covering the GET /v1/models route and detecting via crafted authorization timing behavior.
  • Documentation

    • Updated the vulnerability modules documentation to include the new “Vuln Modules” entry for litellm_cve_2026_42208_vuln.

Walkthrough

This PR adds a new Nettacker vulnerability module for CVE-2026-42208, a pre-authentication SQL injection issue in LiteLLM proxy, and registers it in the module catalog.

Changes

CVE-2026-42208 SQL Injection Detection Module

Layer / File(s) Summary
SQL injection vulnerability module configuration
nettacker/modules/vuln/litellm_cve_2026_42208.yaml
Vulnerability module definition with severity 9.8, description, references, and one HTTP detection payload. It sends a GET request to /v1/models with a crafted Bearer Authorization header using pg_sleep(6) and checks for both a 401 status code and a response-time threshold of at least 6 seconds.
Module documentation entry
docs/Modules.md
Adds a Vuln Modules catalog entry for litellm_cve_2026_42208_vuln.

Estimated code review effort: 1 (Trivial) | ~5 minutes

Suggested labels: new module

Suggested reviewers: arkid15r, securestep9

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the main change: a new LiteLLM CVE-2026-42208 detection module.
Description check ✅ Passed The description is directly about adding the LiteLLM CVE-2026-42208 detection module and related testing.
Linked Issues check ✅ Passed The module matches #1548 by using a Bearer Authorization time-based SQLi check with 401 and delay conditions.
Out of Scope Changes check ✅ Passed The only changes are the new module and its documentation update, both within the requested scope.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

Copy link
Copy Markdown

The linked issue must be assigned to the PR author.

@securestep9

Copy link
Copy Markdown
Collaborator

@coderabbitai full review

@coderabbitai

coderabbitai Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor
✅ Action performed

Full review finished.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@nettacker/modules/vuln/litellm_cve_2026_42208.yaml`:
- Around line 51-57: The timing-only match in the response conditions can
produce false positives because `responsetime: ">= 6"` is evaluated against raw
latency. Update the LiteLLM CVE template’s response logic to use a baseline
discriminator before trusting the latency threshold, such as a control request
or an additional check alongside the existing `status_code` and `responsetime`
conditions, so the hit depends on the delayed response rather than a naturally
slow 401.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 9b7f4dea-c8fb-477d-b9ef-60b8d9f8d51b

📥 Commits

Reviewing files that changed from the base of the PR and between ef0c6b0 and 1891cec.

📒 Files selected for processing (2)
  • docs/Modules.md
  • nettacker/modules/vuln/litellm_cve_2026_42208.yaml

Comment thread nettacker/modules/vuln/litellm_cve_2026_42208.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Module-request] CVE-2026-42208 (SQL Injection in LiteLLM Proxy)

2 participants