{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2025-45809/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["LiteLLM (\u003c 1.81.0)"],"_cs_severities":["medium"],"_cs_tags":["sqli","sql-injection","CVE-2025-45809"],"_cs_type":"advisory","_cs_vendors":["Litellm"],"content_html":"\u003cp\u003eA SQL Injection vulnerability, tracked as CVE-2025-45809, affects LiteLLM versions prior to 1.81.0. The vulnerability resides in the \u003ccode\u003e/key/block\u003c/code\u003e and \u003ccode\u003e/key/unblock\u003c/code\u003e endpoints. A public exploit is available, demonstrating that an attacker can leverage time-based blind SQL injection via the \u003ccode\u003ekey\u003c/code\u003e parameter to extract sensitive database information and potentially read files from the server. Successful exploitation could lead to data exfiltration and unauthorized access to internal systems. It is crucial for organizations using vulnerable versions of LiteLLM to upgrade to version 1.81.0 or later, or apply the suggested mitigations.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable LiteLLM instance running a version prior to 1.81.0.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting either the \u003ccode\u003e/key/block\u003c/code\u003e or \u003ccode\u003e/key/unblock\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe crafted request includes a SQL injection payload within the \u003ccode\u003ekey\u003c/code\u003e parameter, designed for time-based blind injection.\u003c/li\u003e\n\u003cli\u003eThe LiteLLM application processes the request without proper sanitization, executing the injected SQL code against the underlying database.\u003c/li\u003e\n\u003cli\u003eThe attacker monitors the response time of the server. The time delay is used to infer the results of the SQL query due to the blind nature of the injection.\u003c/li\u003e\n\u003cli\u003eThrough repeated requests and refined payloads, the attacker progressively extracts database contents, such as usernames, passwords, and API keys.\u003c/li\u003e\n\u003cli\u003eThe attacker uses extracted credentials to gain unauthorized access to other services or resources.\u003c/li\u003e\n\u003cli\u003eThe attacker may read files from the server.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this SQL injection vulnerability (CVE-2025-45809) could allow an unauthenticated attacker to steal sensitive database contents, including API keys and user credentials. While the CVSS score is rated as medium (5.4), the impact can be high if the compromised data grants access to critical systems or exposes sensitive customer information. Organizations using affected versions of LiteLLM are urged to apply the necessary patches or mitigations to prevent potential data breaches and unauthorized access.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade LiteLLM to version 1.81.0 or later to remediate CVE-2025-45809.\u003c/li\u003e\n\u003cli\u003eImplement input validation on the \u003ccode\u003ekey\u003c/code\u003e parameter in the \u003ccode\u003e/key/block\u003c/code\u003e and \u003ccode\u003e/key/unblock\u003c/code\u003e endpoints.\u003c/li\u003e\n\u003cli\u003eDeploy a Web Application Firewall (WAF) to filter out requests containing SQL injection patterns, as recommended in the advisory.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious activity targeting the \u003ccode\u003e/key/block\u003c/code\u003e and \u003ccode\u003e/key/unblock\u003c/code\u003e endpoints to detect potential exploitation attempts (see webserver log source in the rules below).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-19T04:01:42Z","date_published":"2026-05-19T04:01:42Z","id":"https://feed.craftedsignal.io/briefs/2026-05-litellm-sqli/","summary":"A SQL Injection vulnerability (CVE-2025-45809) in LiteLLM versions prior to 1.81.0 allows unauthenticated attackers to potentially steal database contents and read server files via time-based blind SQL injection in the `/key/block` and `/key/unblock` endpoints.","title":"LiteLLM SQL Injection Vulnerability (CVE-2025-45809)","url":"https://feed.craftedsignal.io/briefs/2026-05-litellm-sqli/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2025-45809","version":"https://jsonfeed.org/version/1.1"}