Description
ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the Replaces header of SIP INVITE requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28300.
Published: 2026-01-23
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

This vulnerability is a stack‑based buffer overflow triggered by the Replaces header in SIP INVITE requests. Because the device does not validate the length of user‑supplied data before copying it to a fixed‑length buffer, a crafted header can overwrite critical control data on the stack. The flaw enables remote attackers to inject code and execute it with the privileges of the device, leading to full compromise. The lack of an authentication requirement exacerbates the danger, allowing anyone on the network to launch the attack.

Affected Systems

The affected equipment is the ALGO 8180 IP Audio Alerter system, specifically firmware version 5.5 and likely earlier releases. All units of this product that receive SIP INVITE traffic are at risk. 5.5 is listed in the CPE for the device firmware, indicating that the issue exists in that revision. Users should verify the firmware version in use and determine if they are running a vulnerable build.

Risk and Exploitability

The CVSS score of 9.8 classifies the flaw as critical, while the EPSS score of less than 1% shows a very low chance of exploitation in the wild. The vulnerability is not currently in the CISA Known Exploited Vulnerabilities catalog, suggesting no known active attacks. Nonetheless, the attack vector is network‑based, does not require authentication, and can be performed by anyone with access to the device’s SIP port. The potential impact remains complete loss of device security, so the overall risk is high.

Generated by OpenCVE AI on April 18, 2026 at 03:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update released by ALGO that fixes the Replaces header buffer overflow flaw.
  • As a temporary safeguard, block or strip the Replaces header from incoming SIP INVITE messages using device configuration or a firewall rule.
  • Continuously monitor SIP traffic for abnormal INVITE requests and maintain alerts for repeated attempts.

Generated by OpenCVE AI on April 18, 2026 at 03:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Feb 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:algosolutions:8180_ip_audio_alerter:-:*:*:*:*:*:*:*
cpe:2.3:o:algosolutions:8180_ip_audio_alerter_firmware:5.5:*:*:*:*:*:*:*
Vendors & Products Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Fri, 23 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Algo
Algo 8180 Ip Audio Alerter
Vendors & Products Algo
Algo 8180 Ip Audio Alerter

Fri, 23 Jan 2026 03:30:00 +0000

Type Values Removed Values Added
Description ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Replaces header of SIP INVITE requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28300.
Title ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability
Weaknesses CWE-121
References
Metrics cvssV3_0

{'score': 8.1, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Algo 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter 8180 Ip Audio Alerter Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-01-23T19:37:01.730Z

Reserved: 2026-01-08T22:55:46.514Z

Link: CVE-2026-0791

cve-icon Vulnrichment

Updated: 2026-01-23T19:36:58.396Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-23T04:16:06.857

Modified: 2026-02-18T18:52:53.537

Link: CVE-2026-0791

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T03:30:25Z

Weaknesses