⚠️ WARNING — Security Research PoC
DO NOT load this model in production environments. DO NOT use this model for any purpose other than security research.
What is this?
This repository contains a proof-of-concept (PoC) model file created for responsible security vulnerability disclosure via huntr.com.
Vulnerability Type
Path Traversal (CWE-22)
The ONNX model carries a crafted external data location that bypasses OpenVINO's sanitize_path(), so loading the model reads arbitrary files.
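A pre-load check for this class of issue, added here as an example; it is not code from this repository or from OpenVINO. It lists a model's external data locations without opening the data files and rejects any that leave the model's directory. The function names are hypothetical, and `external_locations` assumes the `onnx` Python package is installed.

```python
import os

def external_locations(model_path):
    """Collect the external-data 'location' values without reading the data files."""
    import onnx  # assumption: the onnx package is installed
    model = onnx.load(model_path, load_external_data=False)
    locations = []
    # Only graph initializers are walked here; tensors held in node attributes
    # or subgraphs would need the same treatment.
    for tensor in model.graph.initializer:
        if tensor.data_location == onnx.TensorProto.EXTERNAL:
            locations += [e.value for e in tensor.external_data if e.key == "location"]
    return locations

def unsafe_locations(model_dir, locations):
    """Return the locations that do not stay inside model_dir."""
    base = os.path.realpath(model_dir)
    rejected = []
    for loc in locations:
        candidate = loc.replace("\\", "/")  # treat Windows separators like "/"
        drive_prefixed = len(candidate) > 1 and candidate[1] == ":"
        if not candidate or candidate.startswith("/") or drive_prefixed:
            rejected.append(loc)  # empty, absolute, or drive-qualified
            continue
        # realpath collapses ".." and follows symlinks that already exist on disk
        resolved = os.path.realpath(os.path.join(base, candidate))
        try:
            inside = os.path.commonpath([base, resolved]) == base
        except ValueError:  # e.g. different drives on Windows
            inside = False
        if not inside:
            rejected.append(loc)
    return rejected

def check_model(model_path):
    """Raise before the model reaches an inference runtime if any location escapes."""
    bad = unsafe_locations(os.path.dirname(os.path.abspath(model_path)),
                           external_locations(model_path))
    if bad:
        raise ValueError(f"external data location escapes model directory: {bad}")
```

Run `check_model` on untrusted models in an isolated environment before handing them to any runtime; it is a guard in front of the loader, not a replacement for the upstream fix.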
Important Notes
- 🔴 This model is intentionally crafted to demonstrate a security vulnerability.
- 🔴 Loading this model may cause unintended behavior including arbitrary file reads.
- 🔴 DO NOT load in any production, staging, or shared environment.
- This PoC exists solely to support a responsible disclosure report.
- This repository will be removed or made private after the vulnerability review process is complete.
Responsible Disclosure
This PoC is part of a responsible disclosure process through huntr.com. The goal is to help maintainers identify and fix security issues, not to cause harm.
If you have questions about this repository, please contact the author or refer to the associated huntr.com report.