Critical Vulnerability Information CVE ID: CVE-2026-0780 CVSS Score: 7.2, AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Vendors: ALGO Affected Products: 8180 IP Audio Alerter Vulnerability Details This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Disclosure Timeline 2025-10-31: Vulnerability reported to vendor 2026-01-09: Coordinated public release of advisory 2026-01-09: Advisory Updated Credit Vera Mensa of Claroty Research - Team82 Mitigation Given the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the product.