Hashicorp vagrant-vmware-fusion 4.0.20 Privilege Escalation
CVE-2017-7642 Local root privesc in Hashicorp vagrant-vmware-fusion " - i.e. it doesn't verify the path to the ruby script and it doesn't scrub the PATH variable either. We can easily exploit this to get root. Hashicorp were quick to respond and kindly paid me a small bounty f...