10 matches found
SUSE CVE-2025-34075
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issue that allows a guest VM to modify the host's Vagrantfile via the default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does...
CVE-2025-34075
...
CVE-2025-34075
CVE-2025-34075 entry is labeled rejected/withdrawn by the CNA. Connected docs describe a guest-to-host code-execution vector in HashiCorp Vagrant via the default synced-folder Vagrantfile exposure: Vagrant mounts the host project directory (including Vagrantfile) into the guest, and an attacker w...
CVE-2025-34075
...
HashiCorp Vagrant has code injection vulnerability through default synced folders
An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...
Vagrant Synced Folder Vagrantfile Breakout
This module exploits a default Vagrant synced folder (shared folder) to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable 'vagrant' directory o...
PT-2025-27667 · Hashicorp · Hashicorp Vagrant
Name of the Vulnerable Software and Affected Versions: HashiCorp Vagrant (affected versions not specified). Description: An authenticated virtual machine escape issue exists in HashiCorp Vagrant when using the default synced folder configuration. This configuration automatically mounts the host...
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits. Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to...
Hashicorp vagrant-vmware-fusion 5.0.3 Local Privilege Escalation
Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to root privesc with no user interaction so isn't the ki...
ntop 2.5 Cross Site Request Forgery / Command Execution
To make things easier, I created a Vagrantfile with provisioning so you can have your own nbox appliance and test my findings or give it a shot. There is more stuff to be found, trust me: https://github.com/javuto/nbox-pwnage Replace NTOP-BOX with the IP address of your appliance presuming that...