📄 dcontrol 1.0.9 Keyboard Injection Remote Code Execution

dcontrol version 1.0.9 is vulnerable to an unauthenticated remote code execution via keyboard input injection. The /control-api/monitor/sendkey and /control-api/monitor/sendtext endpoints allow an unauthenticated attacker to simulate keyboard input on the target system. By chaining these endpoint...