You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Modelscan urllib SSRF Bypass PoC

Security research - modelscan bypass via urllib.request.urlopen.

DO NOT LOAD THESE FILES - they contain proof-of-concept SSRF payloads.

Vulnerability

modelscan blocks httplib, requests.api, and aiohttp.client but NOT urllib.request. This allows SSRF via urllib.request.urlopen() that passes modelscan with "No issues found".

Modules Used

urllib.request.urlopen - not in unsafe_globals blocklist

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support