LiteLLM - Authenticated Exposure of Sensitive Information via Health Endpoint API_KEY Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-11203. PoCs published by learner202649.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2025-11203, demonstrating how the LiteLLM `/health` endpoint leaks API keys due to incomplete sanitization in versions < 1.63.14. The exploit includes a Dockerized vulnerable environment and a Python script to extract leaked credentials.
Description
LiteLLM Information health API_KEY Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of LiteLLM. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the API_KEY parameter provided to the health endpoint. The issue results from exposing sensitive information to an unauthorized actor. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-26585.
Exploits (1)
This repository contains a functional exploit for CVE-2025-11203, demonstrating how the LiteLLM `/health` endpoint leaks API keys due to incomplete sanitization in versions < 1.63.14. The exploit includes a Dockerized vulnerable environment and a Python script to extract leaked credentials.
References (2)
Scores
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N