Mario Cola

**Name of the Vulnerable Software and Affected Versions** LIVEBOX Collaboration vDesk versions through v018 **Description** An issue allows an Unrestricted Upload of a File with a Dangerous Type under the vShare web site section. A remote user, authenticated to the product, can arbitrarily upload potentially dangerous files without restrictions. **Recommendations** For LIVEBOX Collaboration vDesk versions through v018, restrict access to the vShare web site section to minimize the risk of exploitation. Consider implementing file type restrictions and validation to prevent the upload of dangerous files until a fix is available.