CVE-2024-4889 | berriai litellm eval UI_LOGO_PATH code injection

Posted by Angelo Barbosa | Jun 6, 2024 | CVE

A vulnerability was found in berriai litellm. It has been declared as critical. This vulnerability affects the function eval. The manipulation of the argument UI_LOGO_PATH leads to code injection.

This vulnerability was named CVE-2024-4889. The attack can be initiated remotely. There is no exploit available.

CVE-2024-4889 | berriai litellm eval UI_LOGO_PATH code injection

Related Posts

CVE-2024-25291 | Deskfiler 1.2.3 Plugin unrestricted upload

CVE-2024-5590 | Netentsec NS-ASG Application Security Gateway 6.3 JSON Content uploadiscuser.php messagecontent sql injection

CVE-2024-22769 | Hitron DVR HVR-8781 up to 4.02 default credentials

CVE-2024-6996 | Google Chrome up to 126.0.6478.182 Frames Privilege Escalation