Hugging Face's logo

manja316
/
modelscan-bypass-timeit

PyTorch
Model card Files
xet
 Community
modelscan-bypass-timeit / README.md
manja316's picture
manja316
Upload README.md with huggingface_hub
2285472 verified
preview code
|
raw
history blame contribute delete
515 Bytes
# modelscan-bypass-timeit
## ProtectAI modelscan Bypass PoC
**Module**: `timeit rce`
**Impact**: timeit.timeit RCE bypass - exec() on arbitrary string via pickle
**Scanner**: modelscan 0.7.6 (latest on PyPI)
**Result**: "No issues found" — bypass confirmed
### Reproduction
```bash
pip install modelscan
modelscan scan -p timeit_rce.pkl
# Output: "No issues found!"
# But pickle.load() executes the payload
```
### Responsible Disclosure
This PoC is uploaded for responsible disclosure via Huntr MFV program.