The flaw in the ALGO 8180 IP Audio Alerter web interface permits a command injection that leads to remote code execution when an authenticated user supplies a crafted input. Because the input is not sanitized before being passed to a system call, an attacker can run arbitrary commands in the context of the device. This results in full compromise of the affected system, granting the attacker total control over configuration, data, and firmware. The weakness conforms to CWE‑78, a classic command injection scenario. The vulnerability’s severity score is 8.8 (High) and an exploitation probability (EPSS) of less than 1% suggests that few attackers exploit it today.

Any installation of the ALGO 8180 IP Audio Alerter device running firmware 5.5 is affected. The product is manufactured by Algo Solutions and identified by the CPE strings for hardware and firmware as listed. No other version or operating system is mentioned, so the issue is limited to the specific hardware platform and its current firmware build.

The vulnerability requires successful authentication to the web UI, so it only impacts users with administrative or privileged access. Attackers who gain such credentials, or who can otherwise authenticate via the web interface, can trigger the injection and execute code with device privileges. The high CVSS score underscores the damage potential once exploited. Even though the EPSS indicates a low probability of widespread exploitation, the presence of a working exploit (ZDI-CAN‑28321) and the lack of an immediate KEV listing suggest that organizations should treat this as a serious threat and remediate promptly. The attack vector is via the web UI; no network segmentation or firewall restrictions are implied, so securing the UI or isolating the device are logical mitigations.