## https://sploitus.com/exploit?id=1D95AE51-553A-551C-AC83-B19834AFF512
# CVE-2025-45809 - LiteLLM SQL Injection via `/key/block` (Time-Based Blind SQLi)
> The `/key/block` and `/key/unblock` endpoints of **LiteLLM** v1.65.4 (and all versions prior to v1.81.0) have a **SQL injection vulnerability** in the `key` parameter. Attackers can use time-based blind injection to extract database content and read server files.
| **CVE** | **CVE-2025-45809** |
|--------|--------|
| **GHSA** | GHSA-cgmh-xxmq-hp46 |
| **CVSS v3.1** | **5.4 (MEDIUM)** - `AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N` |
| **CWE** | CWE-89 (SQL Injection) |
| **Affected** | LiteLLM versions prior to v1.81.0 (tested on v1.65.4) |

**Note:** It takes approximately 30-60 seconds for the container to start after installation of the Prisma CLI and database initialization. Run the exploit only after the log shows "Uvicorn running on http://0.0.0.0:4000".

---
## Environment
```
CVE-2025-45809/
├── README.md            # This file
├── docker-compose.yml   # PostgreSQL + vulnerable/fixed LiteLLM
├── litellm_config.yaml  # LiteLLM config with DB connection
├── requirements.txt     # Python dependencies
├── litellm-vuln/
│   └── Dockerfile       # Use Prepared Statements instead of f-string concatenation
├── exploit/
│   ├── exploit.py       # Main exploit script
│   └── payload.py       # SQL injection payload builder
├── docs/
│   └── advisory.md
└── screenshots/
    └── README.md
```
## Fix
The issue was fixed in v1.81.0 by using **parameterized queries** instead of f-string concatenation:
```python
# Fixed - using a parameterized query: the key value is bound by the driver,
# never spliced into the SQL text
query = "UPDATE keys SET blocked=true WHERE key=:key"
await database.execute(query, {"key": key})
```
### Mitigation measures
1. **Upgrade** LiteLLM to **v1.81.0+**
2. Use **parameterized queries** instead of string concatenation
3. Implement strict input validation for the `key` parameter
4. Deploy WAF to prevent SQL injection attacks
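To make the fix and mitigations 2 and 3 concrete, the following added example (not code from the LiteLLM project or this PoC repository) puts the f-string pattern the advisory describes next to a parameterized version, on a constructed in-memory SQLite table that stands in for the proxy's key table; the table schema, the sample keys and the `KEY_RE` allowlist are assumptions for illustration, not LiteLLM's real schema or key format.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the proxy's key table (assumption, not the real schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE keys (key TEXT PRIMARY KEY, blocked INTEGER NOT NULL DEFAULT 0)")
    conn.executemany("INSERT INTO keys VALUES (?, 0)", [("sk-aaa",), ("sk-bbb",), ("sk-ccc",)])
    conn.commit()
    return conn


def block_key_vulnerable(conn: sqlite3.Connection, key: str) -> None:
    # The defect class from the advisory: request input spliced into SQL text.
    # A value containing a quote changes the statement instead of the data.
    query = f"UPDATE keys SET blocked=1 WHERE key='{key}'"
    conn.execute(query)
    conn.commit()


def block_key_parameterized(conn: sqlite3.Connection, key: str) -> None:
    # The actual fix: the driver binds the value, so quotes in `key` are data only.
    conn.execute("UPDATE keys SET blocked=1 WHERE key=?", (key,))
    conn.commit()


# Assumed allowlist for a key identifier (defense in depth, not a substitute
# for parameterization): letters, digits, '-' and '_', bounded length.
KEY_RE = re.compile(r"[A-Za-z0-9_-]{1,128}")


def block_key_fixed(conn: sqlite3.Connection, key: str) -> None:
    # Mitigation 3 (strict input validation) layered on mitigation 2.
    if not KEY_RE.fullmatch(key):
        raise ValueError("invalid key format")
    block_key_parameterized(conn, key)


def blocked_keys(conn: sqlite3.Connection) -> list[str]:
    return sorted(row[0] for row in conn.execute("SELECT key FROM keys WHERE blocked=1"))


if __name__ == "__main__":
    tautology = "x' OR '1'='1"  # constructed input with an embedded quote
    db = make_db()
    block_key_vulnerable(db, tautology)
    print("vulnerable:", blocked_keys(db))     # every key blocked
    db = make_db()
    block_key_parameterized(db, tautology)
    print("parameterized:", blocked_keys(db))  # nothing matched, nothing blocked
```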
## References
- [NVD Detail](https://nvd.nist.gov/vuln/detail/CVE-2025-45809)
- [Huntr Bounty](https://huntr.com/bounties/3e6e4d40-b06a-4f54-a3ed-cc93584b12f3)
- [Snyk Advisory](https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-10598343)
- [GitHub PoC (shadia0/Patienc)](https://github.com/shadia0/Patienc/blob/main/litellm/SQL_injection.md)
> **Disclaimer:** This content is provided for **educational purposes and authorized security testing only.**