Submit #811280: litellm <= 1.82.2 Improper Authorization (CWE-285)

Title: litellm <= 1.82.2 Improper Authorization (CWE-285)
Description:

# Technical Details

An Authentication Bypass vulnerability exists in the `litellm/proxy/auth/user_api_key_auth.py` file of litellm. The application fails to apply the same route guard restrictions (`is_llm_api_route` and `is_info_route`) to JWT Machine-to-Machine (M2M) authentication that were properly implemented for OAuth2 M2M auth. This enables JWT tokens to bypass UI Single Sign-On (SSO) separation.

# Vulnerable Code

File: `litellm/proxy/auth/user_api_key_auth.py`

Method: M2M Token Validation Loop

Why: When `enable_jwt_auth` is configured, if the JWT matches the `admin_jwt_scope`, the system blindly generates a `UserAPIKeyAuth` object with the `PROXY_ADMIN` role for ANY route, without validating whether the requested endpoint is an administrative UI management endpoint (like `/user/new`) or a simple LLM inference path.

# Reproduction

1. Deploy LiteLLM with `enable_jwt_auth: true` and configure a JWKS identity provider.
2. Mint a JWT bearing the `litellm_proxy_admin` scope through the mock/production identity provider.
3. Submit a POST request to a UI Management endpoint using the JWT: `curl -X POST http://localhost:4000/user/new -H "Authorization: Bearer <JWT_TOKEN>" -H "Content-Type: application/json" -d '{"user_email": "[email protected]"}'`
4. The system completely bypasses the SSO login requirement and grants administrative execution of the proxy management action.

# Impact

- Severe Administrative Privilege Escalation to fully control the UI Proxy backend.
- Unauthorized creation of new users, teams, and API keys, completely subverting budget and architectural constraints.
Source: https://gist.github.com/YLChen-007/70e4e106527f74ddf17953ff0f6c248d
User: Eric-c (UID 96848)
Submission: 04/23/2026 09:56 (2 months ago)
Moderation: 06/20/2026 11:26 (2 months later)
Status: Accepted
VulDB entry: 372513 [BerriAI litellm up to 1.82.2 M2M JWT user_api_key_auth.py improper authorization]
Points: 20
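The missing check described above, as an added example that is not litellm's code: the route tables, the `Decision` type and the `authorize_m2m_jwt*` functions are constructed here to show the unguarded M2M branch next to one that applies the same `is_llm_api_route` / `is_info_route` style guard the report says the OAuth2 M2M path already has.

```python
"""Added example (not litellm's code): route-guard a JWT-derived admin role.

The route sets below are constructed stand-ins; litellm keeps its own lists
behind is_llm_api_route / is_info_route.
"""
from dataclasses import dataclass
from typing import Optional

LLM_API_ROUTES = {"/chat/completions", "/completions", "/embeddings"}
INFO_ROUTES = {"/key/info", "/team/info", "/user/info"}


def is_llm_api_route(route: str) -> bool:
    """Constructed guard: inference paths, with or without the /v1 prefix."""
    if route.startswith("/v1/"):
        route = route[3:]
    return route in LLM_API_ROUTES


def is_info_route(route: str) -> bool:
    """Constructed guard: read-only info endpoints a machine client may call."""
    return route in INFO_ROUTES


@dataclass
class Decision:
    allowed: bool
    role: Optional[str]
    reason: str


def _has_admin_scope(claims: dict, admin_scope: str) -> bool:
    # Space-separated "scope" claim, as in typical OAuth2 JWTs (constructed).
    return admin_scope in str(claims.get("scope", "")).split()


def authorize_m2m_jwt_unguarded(claims: dict, route: str,
                                admin_scope: str = "litellm_proxy_admin") -> Decision:
    """The pattern the report describes: admin scope => PROXY_ADMIN on ANY route."""
    if _has_admin_scope(claims, admin_scope):
        return Decision(True, "PROXY_ADMIN", "admin scope present (no route check)")
    return Decision(False, None, "admin scope missing")


def authorize_m2m_jwt(claims: dict, route: str,
                      admin_scope: str = "litellm_proxy_admin") -> Decision:
    """Guarded variant: a machine token is confined to LLM and info routes, so
    UI management endpoints such as /user/new stay behind the SSO login."""
    if not _has_admin_scope(claims, admin_scope):
        return Decision(False, None, "admin scope missing")
    if is_llm_api_route(route) or is_info_route(route):
        return Decision(True, "PROXY_ADMIN", "m2m token on permitted route")
    return Decision(False, None, f"m2m token rejected on management route {route}")
```

A request hitting the management route from the report's step 3 is the case that separates the two variants: the unguarded one grants `PROXY_ADMIN`, the guarded one refuses and leaves the endpoint to the UI SSO flow.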
