Uploaded by p0her (commit 1d8beb7, verified): Upload README.md with huggingface_hub

license: mit
tags:
  - security-research
  - vulnerability-poc

coremltools .mlpackage Path Traversal PoC (CWE-22)

Security Research — Responsible Disclosure

This repository contains a proof-of-concept malicious .mlpackage demonstrating a path traversal vulnerability in Apple coremltools' ModelPackage Manifest.json handling.

Files

  • malicious.mlpackage/ — Malicious .mlpackage directory with traversal path in Manifest.json
  • poc.py — Exploitation script

Vulnerability

coremltools does not validate the path field in .mlpackage/Manifest.json. An attacker can use ../ sequences to cause getRootModel().path() to return a path outside the package, which is then opened by load_spec().
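The mitigation for this class of bug is to treat the manifest's path field as untrusted and reject any entry that resolves outside the package directory. The following is an added example, not code from this repository or from coremltools; the manifest layout around the path field (itemInfoEntries, rootModelIdentifier) is assumed for illustration, and the sample manifests are constructed inline.

```python
import json
import os

# Constructed manifests for this example. Only the "path" field mirrors the
# Manifest.json behaviour described above; the surrounding keys are assumed.
PKG = "/srv/models/sample.mlpackage"  # constructed package location
BENIGN_MANIFEST = json.dumps({
    "rootModelIdentifier": "root",
    "itemInfoEntries": {"root": {"path": "Data/com.apple.CoreML/model.mlmodel"}},
})
TRAVERSAL_MANIFEST = json.dumps({
    "rootModelIdentifier": "root",
    "itemInfoEntries": {"root": {"path": "../../../etc/hostname"}},
})
ABSOLUTE_MANIFEST = json.dumps({
    "rootModelIdentifier": "root",
    "itemInfoEntries": {"root": {"path": "/etc/hostname"}},
})


class UnsafeManifestPath(ValueError):
    """Raised when a manifest entry would resolve outside the package directory."""


def root_model_path(package_dir: str, manifest_json: str) -> str:
    """Return the root model's on-disk path, refusing anything outside package_dir.

    CWE-22 check: the manifest path is accepted only when its fully resolved
    form stays under the resolved package root, so absolute paths, "../" hops
    and symlink escapes are all rejected before anything is opened.
    """
    manifest = json.loads(manifest_json)
    entry = manifest["itemInfoEntries"][manifest["rootModelIdentifier"]]
    rel = entry["path"]
    if os.path.isabs(rel):
        raise UnsafeManifestPath(f"absolute path not allowed: {rel!r}")
    root = os.path.realpath(package_dir)
    # realpath collapses ".." and follows symlinks, so the containment check
    # is made against the real target rather than the literal string.
    candidate = os.path.realpath(os.path.join(root, rel))
    if os.path.commonpath([root, candidate]) != root:
        raise UnsafeManifestPath(f"path escapes package: {rel!r} -> {candidate}")
    return candidate


def is_manifest_safe(package_dir: str, manifest_json: str) -> bool:
    """True if the manifest's root model entry stays inside the package."""
    try:
        root_model_path(package_dir, manifest_json)
    except UnsafeManifestPath:
        return False
    return True
```

Run the check on the manifest before handing its path to any loader; a loader that receives only the returned, validated path cannot be steered outside the package.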

Usage

pip install coremltools
python poc.py

Disclaimer

This PoC is for authorized security research and responsible disclosure only. The target file is /etc/hostname (harmless, world-readable).