Remote Code Execution Vulnerability in Fooocus
The write-up describes an unauthenticated remote code execution issue in Fooocus, a widely used open-source AI image generation WebUI, caused by unsafe use of Python eval on user-controlled metadata. When a user imports generation settings from an image, Fooocus reads the JSON embedded in the image's EXIF data and passes fields such as styles into get_list(), which runs h = eval(h) on the string before asserting that the result is a list. Because the assertion only checks the type of the final value, an attacker can embed a single expression such as __import__('os').system('...') or ['Fooocus V2']: the left operand runs the OS command first, os.system returns the command's exit status (0 on success, which is falsy), and the or then yields the valid list, so the malicious import looks normal in the UI. The bug is especially dangerous for internet-exposed instances, since anyone who can get a crafted image or metadata string imported obtains code execution on the host as the Fooocus process user, and the author states the issue has remained unpatched for roughly six months after disclosure.
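The following is an added example, not code from the write-up or from the Fooocus project, that reproduces the eval-then-assert pattern described above beside a hardened replacement. The function names get_list_vulnerable and get_list_hardened, the metadata dictionaries, and the SIDE_EFFECTS list are all constructed for illustration; the constructed payload appends to a module-level list instead of calling os.system, so it proves that attacker code ran without touching the host, while keeping the same `<side effect> or ['Fooocus V2']` shape that satisfies the list assertion.

```python
import ast
import json

# Constructed marker: the payload appends here to prove it executed. A real
# payload would put __import__('os').system('...') in the left operand; os.system
# returns the exit status (0 on success, which is falsy), so `or` still yields the list.
SIDE_EFFECTS = []

# Constructed sample metadata, standing in for the JSON read from an image's EXIF.
VULN_METADATA = {"styles": "SIDE_EFFECTS.append('payload ran') or ['Fooocus V2']"}
BENIGN_METADATA = {"styles": "['Fooocus V2', 'Fooocus Enhance']"}


def get_list_vulnerable(value):
    """Mirrors the pattern in the write-up: eval a user string, then assert on
    the type of whatever the expression finally evaluates to."""
    if isinstance(value, str):
        value = eval(value)  # code execution point: any expression runs here
    assert isinstance(value, list)  # satisfied by `<anything> or [...]`
    return value


def get_list_hardened(value, max_items=64):
    """Parse without evaluating: accept a JSON list or a Python literal list
    of strings, and reject everything else instead of executing it."""
    if isinstance(value, str):
        try:
            parsed = json.loads(value)
        except ValueError:
            try:
                # literal_eval only builds literals; calls, attribute access
                # and boolean operators raise ValueError.
                parsed = ast.literal_eval(value)
            except (ValueError, SyntaxError, TypeError):
                raise ValueError("styles is not a literal list") from None
        value = parsed
    if not isinstance(value, list) or len(value) > max_items:
        raise ValueError("styles must be a list")
    if not all(isinstance(item, str) for item in value):
        raise ValueError("styles entries must be strings")
    return value


def is_rejected(value):
    """True if the hardened parser refuses the value (used to check payloads)."""
    try:
        get_list_hardened(value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Vulnerable path: the assertion passes and the UI sees a normal style list,
    # but the left operand already ran.
    print(get_list_vulnerable(VULN_METADATA["styles"]), SIDE_EFFECTS)
    # Hardened path: benign metadata parses, the payload is rejected unexecuted.
    print(get_list_hardened(BENIGN_METADATA["styles"]))
    print(is_rejected(VULN_METADATA["styles"]))
```

The defence is to never let the metadata string reach an evaluator: json.loads and ast.literal_eval produce data only, and the explicit list-of-strings check replaces the assert, which is stripped entirely when Python runs with -O.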