## https://sploitus.com/exploit?id=1D95AE51-553A-551C-AC83-B19834AFF512
# CVE-2025-45809 – LiteLLM SQL Injection via `/key/block` (Time-Based Blind SQLi)

> The `/key/block` and `/key/unblock` endpoints of **LiteLLM** v1.65.4 (and all versions prior to v1.81.0) have a **SQL injection vulnerability** in the `key` parameter. Attackers can use time-based blind injection to extract database content and read server files.

| **CVE** | **CVE-2025-45809** |
|--------|--------|
| **GHSA** | GHSA-cgmh-xxmq-hp46 |
| **CVSS v3.1** | **5.4 (MEDIUM)** — `AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N` |
| **CWE** | CWE-89 (SQL Injection) |
| **Affected** | LiteLLM < v1.81.0 |

**Note:** It takes approximately 30–60 seconds for the container to start after installation of the Prisma CLI and database initialization. The exploit should be executed only after the log shows “Uvicorn running on http://0.0.0.0:4000”.

---

## Environment

```
CVE-2025-45809/
├── README.md                    # This file
├── docker-compose.yml           # PostgreSQL + vulnerable/fixed LiteLLM
├── litellm_config.yaml          # LiteLLM config with DB connection
├── requirements.txt             # Python dependencies
├── litellm-vuln/
│   └── Dockerfile               # Use Prepared Statements instead of f-string concatenation
├── exploit/
│   ├── exploit.py               # Main exploit script
│   └── payload.py               # SQL injection payload builder
├── docs/
│   └── advisory.md
└── screenshots/
    └── README.md
```

## Fix

The issue was fixed in v1.81.0 by using **parameterized queries** instead of f-string concatenation:

```python
# Fixed — the SQL text is a constant and the key travels as a bound parameter
query = "UPDATE keys SET blocked=true WHERE key=:key"
# `database` is an already-connected async DB client; the driver binds `key`
# as a value, so it is never interpolated into the SQL text
await database.execute(query, {"key": key})
```

### Mitigation measures

1. **Upgrade** LiteLLM to **v1.81.0+**
2. Use **parameterized queries** instead of string concatenation
3. Implement strict input validation for the `key` parameter
4. Deploy WAF to prevent SQL injection attacks
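To make the difference between the vulnerable pattern and the fix concrete, here is an added example (not LiteLLM's own code) that runs the f-string version and the parameterized version against an in-memory SQLite table. The `keys` table, the sample key values, the injection string and the `KEY_RE` allowlist format are all constructed for the demo; LiteLLM's real schema and key format are not assumed to match.

```python
"""Vulnerable f-string UPDATE beside its parameterized fix, on SQLite.

Added example for CVE-2025-45809; table, key values and the key format
regex are constructed for the demo and are not LiteLLM's.
"""
import re
import sqlite3

# Assumed key shape used as an input allowlist (mitigation item 3).
KEY_RE = re.compile(r"^sk-[A-Za-z0-9_-]{8,64}$")


def fresh_db() -> sqlite3.Connection:
    """Create an in-memory table with three constructed, unblocked keys."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE keys (key TEXT PRIMARY KEY, blocked INTEGER NOT NULL DEFAULT 0)"
    )
    conn.executemany(
        "INSERT INTO keys (key, blocked) VALUES (?, 0)",
        [("sk-alice0001",), ("sk-bob00002",), ("sk-carol0003",)],
    )
    conn.commit()
    return conn


def block_key_vulnerable(conn: sqlite3.Connection, key: str) -> int:
    """The pre-fix pattern: the untrusted value becomes part of the SQL text.

    Returns the number of rows the UPDATE touched.
    """
    query = f"UPDATE keys SET blocked=1 WHERE key='{key}'"
    cur = conn.execute(query)
    conn.commit()
    return cur.rowcount


def block_key_parameterized(conn: sqlite3.Connection, key: str) -> int:
    """The fix: constant SQL, key passed as a bound parameter.

    Whatever the string contains, it is compared as a value, never parsed
    as SQL, so an injection string simply matches no row.
    """
    cur = conn.execute("UPDATE keys SET blocked=1 WHERE key=?", (key,))
    conn.commit()
    return cur.rowcount


def block_key_hardened(conn: sqlite3.Connection, key: str) -> int:
    """Defense in depth: reject malformed keys before the (parameterized) query."""
    if not KEY_RE.fullmatch(key):
        raise ValueError("key does not match the expected format")
    return block_key_parameterized(conn, key)


if __name__ == "__main__":
    payload = "' OR '1'='1"  # constructed injection string for the demo
    print("vulnerable, valid key:   ", block_key_vulnerable(fresh_db(), "sk-alice0001"))
    print("vulnerable, injection:   ", block_key_vulnerable(fresh_db(), payload))
    print("parameterized, injection:", block_key_parameterized(fresh_db(), payload))
    print("hardened, valid key:     ", block_key_hardened(fresh_db(), "sk-bob00002"))
```

With the injection string the vulnerable function blocks every key in the table (rowcount 3), while the parameterized version touches nothing (rowcount 0) and the hardened version refuses the input before any query is issued. The allowlist check is a secondary control: parameterization alone already removes the injection, which is why the upgrade to v1.81.0 is the primary mitigation.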

## References

- [NVD Detail](https://nvd.nist.gov/vuln/detail/CVE-2025-45809)
- [Huntr Bounty](https://huntr.com/bounties/3e6e4d40-b06a-4f54-a3ed-cc93584b12f3)
- [Snyk Advisory](https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-10598343)
- [GitHub PoC (shadia0/Patienc)](https://github.com/shadia0/Patienc/blob/main/litellm/SQL_injection.md)

> **Disclaimer:** This content is provided for **educational purposes and authorized security testing only.**
