Upload folder using huggingface_hub

1f398d4 verified 2 months ago

618 Bytes

library_name: pytorch
tags:
  - security-research
  - modelscan-bypass
license: mit

ModelScan Bypass PoC — mailcap.findmatch

Security research for responsible disclosure via Huntr MFV program.

Vulnerability

mailcap.findmatch is not in modelscan's unsafe_globals blocklist. modelscan reports "No issues found" but loading triggers calls os.system() internally to execute mailcap entries. If mailcap file contains attacker-controlled commands, achieves command execution..

Impact: HIGH

Reproduction

pip install modelscan
modelscan scan -p bypass_poc.pkl
# Output: "No issues found!"