Description
ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the Alert-Info header of SIP INVITE requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28301.
Published: 2026-01-23
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack-based buffer overflow exists in the processing of the Alert-Info header of SIP INVITE requests for ALGO 8180 IP Audio Alerter devices. The flaw is caused by a lack of validation on the length of user supplied data before copying it into a fixed‑length stack buffer, allowing a crafted message to overwrite execution control data. Because no authentication is required, a remote attacker can send an arbitrary SIP INVITE over the network and cause the device to execute attacker supplied code in the context of the device’s firmware.

Affected Systems

ALGO Solutions’ 8180 IP Audio Alerter devices, firmware version 5.5 and earlier, are impacted. The advisory does not provide more granular version details beyond the information that devices running firmware 5.5 and prior are vulnerable.

Risk and Exploitability

The vulnerability carries a CVSS score of 9.8, indicating a critical impact. The EPSS score is less than 1 %, suggesting a low current exploitation probability, but the vulnerability is not listed in CISA’s KEV catalog. Exploitation is possible remotely through network traffic by sending a crafted SIP INVITE message with a malicious Alert‑Info header; authentication is not required, making the attack vector open to any device accessible over the network.

Generated by OpenCVE AI on April 18, 2026 at 15:18 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device to the latest firmware that contains the vendor‑supplied patch or apply the specific fix if provided by ALGO Solutions.
  • Restrict inbound SIP traffic to only trusted or authenticated sources, or enforce firewall/ACL rules that block SIP INVITE messages containing an Alert‑Info header until the patch is applied.
  • Monitor device logs and network traffic for suspicious SIP INVITE activity, particularly Alert‑Info header usage, and alert on anomalous patterns.
  • As a temporary measure, disable or neutralize the Alert‑Info processing feature in the device’s SIP stack, following any vendor guidance, to mitigate the risk until a permanent fix is available.

Generated by OpenCVE AI on April 18, 2026 at 15:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Feb 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:algosolutions:8180_ip_audio_alerter:-:*:*:*:*:*:*:*
cpe:2.3:o:algosolutions:8180_ip_audio_alerter_firmware:5.5:*:*:*:*:*:*:*
Vendors & Products Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Fri, 23 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Algo
Algo 8180 Ip Audio Alterer
Vendors & Products Algo
Algo 8180 Ip Audio Alterer

Fri, 23 Jan 2026 03:30:00 +0000

Type Values Removed Values Added
Description ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Alert-Info header of SIP INVITE requests. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28301.
Title ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability
Weaknesses CWE-121
References
Metrics cvssV3_0

{'score': 8.1, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Algo 8180 Ip Audio Alterer
Algosolutions 8180 Ip Audio Alerter 8180 Ip Audio Alerter Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-01-23T16:37:17.232Z

Reserved: 2026-01-08T22:55:50.331Z

Link: CVE-2026-0792

cve-icon Vulnrichment

Updated: 2026-01-23T16:37:11.637Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-23T04:16:06.987

Modified: 2026-02-18T18:52:15.563

Link: CVE-2026-0792

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T15:30:03Z

Weaknesses