HTB SmartHire: CVE-2024-37054 (MLflow RCE) → Python Module Hijacking via .pth
An MLflow deserialization vulnerability (CVE-2024-37054) provides initial access. Privilege escalation relies on Python module hijacking via site.addsitedir and malicious .pth files to execute code as root.
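
For the .pth stage, an auditing sketch added here (not code from the box or from the original write-up): it reads a directory the way site.addsitedir() does and reports lines the interpreter would execute, plus path entries that point at world-writable directories. The function names and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def world_writable(path):
    """True if 'other' users can write to path (a place files can be planted)."""
    return bool(os.stat(path).st_mode & stat.S_IWOTH)

def audit_site_dir(sitedir):
    """List (file, line_no, kind, text) findings for the .pth files that
    site.addsitedir(sitedir) would process."""
    findings = []
    if world_writable(sitedir):
        findings.append((sitedir, 0, "writable-site-dir", ""))
    for name in sorted(os.listdir(sitedir)):
        if not name.endswith(".pth"):
            continue
        pth = os.path.join(sitedir, name)
        with open(pth, encoding="utf-8", errors="replace") as fh:
            for no, raw in enumerate(fh, 1):
                line = raw.rstrip()
                if not line or line.startswith("#"):
                    continue
                # site.py exec()s any line that begins with "import" + space/tab
                if line.startswith(("import ", "import\t")):
                    findings.append((pth, no, "exec-line", line))
                    continue
                # every other line is a directory appended to sys.path
                target = os.path.join(sitedir, line)
                if os.path.isdir(target) and world_writable(target):
                    findings.append((pth, no, "writable-path-entry", line))
    return findings

def build_sample():
    """Constructed sample tree: one benign .pth, one with an exec line."""
    root = tempfile.mkdtemp(prefix="pth_audit_")
    os.mkdir(os.path.join(root, "vendor"), 0o755)
    os.mkdir(os.path.join(root, "drop"))
    os.chmod(os.path.join(root, "drop"), 0o777)
    with open(os.path.join(root, "ok.pth"), "w") as fh:
        fh.write("# vendored packages\nvendor\n")
    with open(os.path.join(root, "odd.pth"), "w") as fh:
        fh.write("drop\nimport sys; sys.dont_write_bytecode = True\n")
    return root

if __name__ == "__main__":
    for finding in audit_site_dir(build_sample()):
        print(finding)
```

Run it against each directory that a root-executed script passes to site.addsitedir, and against the interpreter's own site-packages directories.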