Hugging Face's logo

manja316
/
modelscan-bypass-xmlrpc

Model card Files
xet
 Community
modelscan-bypass-xmlrpc / README.md
manja316's picture
manja316
Upload README.md with huggingface_hub
42032ff verified
preview code
|
raw
history blame contribute delete
512 Bytes

modelscan-bypass-xmlrpc

ProtectAI modelscan Bypass PoC

Module: xmlrpc proxy Impact: xmlrpc.client.ServerProxy bypass - RPC to attacker server Scanner: modelscan 0.7.6 (latest on PyPI) Result: "No issues found" — bypass confirmed

Reproduction 

pip install modelscan
modelscan scan -p xmlrpc_proxy.pkl
# Output: "No issues found!"
# But pickle.load() executes the payload

Responsible Disclosure

This PoC is uploaded for responsible disclosure via Huntr MFV program.