Description
ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the functionality for viewing the syslog. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to interact with the application in the context of the target user. Was ZDI-CAN-28298.
Published: 2026-01-23
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Persistent Cross‑Site Scripting with User Privilege Elevation
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a persistent XSS flaw in the syslog viewing function of the ALGO 8180 IP Audio Alerter web interface. It stems from missing validation of user‑supplied data and allows an attacker to inject arbitrary scripts, which the browser will execute in the context of the target user’s session. This can lead to theft of session cookies, unauthorized requests, or other actions performed with the target user’s privileges.

Affected Systems

Devices running the ALGO Solutions 8180 IP Audio Alerter are affected, particularly firmware versions around 5.5. The product's CPE listings identify the 8180 hardware and firmware 5.5. Newer firmware releases may contain the fix, but legacy devices remain vulnerable.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity, and the EPSS score of less than 1% reflects a low likelihood of exploitation as of the last assessment. The flaw does not require authentication; it can be triggered by any remote user through the web UI. While the attack requires only a web request, the potential for persistent script execution grants attackers an opportunity to compromise the session of any logged‑in user, potentially affecting confidentiality, integrity, and availability of the system. The CVSS 3.1 vector recorded for this CVE is AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N: network attack vector, low complexity, no privileges required, user interaction required, changed scope, low confidentiality and integrity impact, and no availability impact. The vulnerability is not yet listed in the CISA KEV catalog, suggesting no widely known exploitation at this time.

Generated by OpenCVE AI on April 18, 2026 at 03:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device firmware to the latest version provided by ALGO Solutions that addresses the embedded XSS flaw
  • If a firmware update is unavailable, restrict external access to the web interface by placing the device behind a firewall or VPN so that only trusted administrators can reach it
  • Monitor and audit web logs for unexpected script entries and periodically review the syslog viewing feature to ensure no client‑side scripts are being executed

Advisories

No advisories yet.

History

Fri, 13 Feb 2026 21:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Algosolutions; Algosolutions 8180 Ip Audio Alerter; Algosolutions 8180 Ip Audio Alerter Firmware
CPEs | | cpe:2.3:h:algosolutions:8180_ip_audio_alerter:-:*:*:*:*:*:*:*; cpe:2.3:o:algosolutions:8180_ip_audio_alerter_firmware:5.5:*:*:*:*:*:*:*
Vendors & Products | | Algosolutions; Algosolutions 8180 Ip Audio Alerter; Algosolutions 8180 Ip Audio Alerter Firmware
Metrics | | cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Fri, 23 Jan 2026 20:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 23 Jan 2026 16:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Algo; Algo 8180 Ip Audio Alerter
Vendors & Products | | Algo; Algo 8180 Ip Audio Alerter

Fri, 23 Jan 2026 03:30:00 +0000

Type | Values Removed | Values Added
Description | | ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability. This vulnerability allows remote attackers to execute web requests with a target user's privileges on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the functionality for viewing the syslog. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to interact with the application in the context of the target user. Was ZDI-CAN-28298.
Title | | ALGO 8180 IP Audio Alerter Web UI Persistent Cross-Site Scripting Vulnerability
Weaknesses | | CWE-79
References | |
Metrics | | cvssV3_0: {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-01-23T19:41:10.814Z

Reserved: 2026-01-08T22:55:33.353Z

Link: CVE-2026-0788

Vulnrichment

Updated: 2026-01-23T19:41:06.930Z

NVD

Status: Analyzed

Published: 2026-01-23T04:16:06.447

Modified: 2026-02-13T21:09:41.550

Link: CVE-2026-0788

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T03:30:25Z

Weaknesses