📄 Mouselink 5.0.1 Remote Code Execution

Mouselink version 5.0.1 allows unauthenticated remote attackers to execute arbitrary commands by abusing an exposed login endpoint and insecure WebSocket-based keyboard simulation. With no password per default, an attacker can obtain a JWT token, open a WebSocket session, and simulate keystrokes ...