---
license: mit
tags:
- security-research
- modelscan-bypass
- pickle-safety
---
# modelscan-bypass-pathlib-write

## Modelscan Bypass PoC — pathlib.Path + operator.methodcaller

**Severity**: HIGH

**Impact**: Arbitrary file write via `pathlib.Path.write_text()`

**modelscan version**: 0.7.6

**Chain**: `pathlib.Path("/target")` + `operator.methodcaller("write_text", "payload")` → writes any file

**Root cause**: Neither `pathlib` nor `operator.methodcaller` is in modelscan's blocklist.
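
The root cause above is a gap in a deny-list. The following added example (not part of this PoC and not modelscan's code) lists the imports a pickle requests without loading it, then compares a deny-by-module check with an allow-by-exact-name check. The list contents, the function names and the inert sample bytes are assumptions constructed for illustration.

```python
import pickletools

# Constructed, inert sample: a protocol-0 pickle that only *references* the two
# callables from the chain. It has no REDUCE opcode, so nothing is ever called.
SAMPLE = b"(cpathlib\nPath\ncoperator\nmethodcaller\nt."

# Assumed, illustrative lists; these are not modelscan's real settings.
BLOCKLIST = {"os", "posix", "nt", "subprocess", "builtins", "socket"}
ALLOWLIST = {("collections", "OrderedDict"), ("numpy", "dtype")}

STRING_OPS = {"UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def imported_globals(data):
    """Return every (module, name) pair the pickle asks the unpickler to import."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in STRING_OPS:
            strings.append(arg)
        elif opcode.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)  # pickletools joins them with a space
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            # Heuristic: module and name are the two most recent string pushes.
            # If fewer than two were seen (e.g. memo fetches), report "?" instead.
            pair = tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?")
            found.append(pair)
    return found


def verdicts(data):
    """Per import: (dotted name, flagged by blocklist, flagged by allowlist)."""
    rows = []
    for module, name in imported_globals(data):
        denied = module.split(".")[0] in BLOCKLIST      # deny known-bad modules
        unknown = (module, name) not in ALLOWLIST       # deny anything unlisted
        rows.append((f"{module}.{name}", denied, unknown))
    return rows


if __name__ == "__main__":
    for dotted, denied, unknown in verdicts(SAMPLE):
        print(f"{dotted:24} blocklist={'FLAG' if denied else 'pass'} "
              f"allowlist={'FLAG' if unknown else 'pass'}")
```

Both imports pass the deny-list check and are flagged by the allow-list check, which fails closed on any callable it has not been told about.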